xref: /freebsd/sys/contrib/openzfs/man/man8/zfs-allow.8 (revision e8d8bef961a50d4dc22501cde4fb9fb0be1b2532)
.\"
.\" CDDL HEADER START
.\"
.\" The contents of this file are subject to the terms of the
.\" Common Development and Distribution License (the "License").
.\" You may not use this file except in compliance with the License.
.\"
.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
.\" or http://www.opensolaris.org/os/licensing.
.\" See the License for the specific language governing permissions
.\" and limitations under the License.
.\"
.\" When distributing Covered Code, include this CDDL HEADER in each
.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
.\" If applicable, add the following below this CDDL HEADER, with the
.\" fields enclosed by brackets "[]" replaced with your own identifying
.\" information: Portions Copyright [yyyy] [name of copyright owner]
.\"
.\" CDDL HEADER END
.\"
.\" Copyright (c) 2009 Sun Microsystems, Inc. All Rights Reserved.
.\" Copyright 2011 Joshua M. Clulow <josh@sysmgr.org>
.\" Copyright (c) 2011, 2019 by Delphix. All rights reserved.
.\" Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
.\" Copyright (c) 2014, Joyent, Inc. All rights reserved.
.\" Copyright (c) 2014 by Adam Stevko. All rights reserved.
.\" Copyright (c) 2014 Integros [integros.com]
.\" Copyright 2019 Richard Laager. All rights reserved.
.\" Copyright 2018 Nexenta Systems, Inc.
.\" Copyright 2019 Joyent, Inc.
.\"
.Dd May 27, 2021
.Dt ZFS-ALLOW 8
.Os
.
.Sh NAME
.Nm zfs-allow
.Nd delegate ZFS administration permissions to unprivileged users
.Sh SYNOPSIS
.Nm zfs
.Cm allow
.Op Fl dglu
.Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns …
.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns …
.Ar filesystem Ns | Ns Ar volume
.Nm zfs
.Cm allow
.Op Fl dl
.Fl e Ns | Ns Sy everyone
.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns …
.Ar filesystem Ns | Ns Ar volume
.Nm zfs
.Cm allow
.Fl c
.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns …
.Ar filesystem Ns | Ns Ar volume
.Nm zfs
.Cm allow
.Fl s No @ Ns Ar setname
.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns …
.Ar filesystem Ns | Ns Ar volume
.Nm zfs
.Cm unallow
.Op Fl dglru
.Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns …
.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns … Oc
.Ar filesystem Ns | Ns Ar volume
.Nm zfs
.Cm unallow
.Op Fl dlr
.Fl e Ns | Ns Sy everyone
.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns … Oc
.Ar filesystem Ns | Ns Ar volume
.Nm zfs
.Cm unallow
.Op Fl r
.Fl c
.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns … Oc
.Ar filesystem Ns | Ns Ar volume
.Nm zfs
.Cm unallow
.Op Fl r
.Fl s No @ Ns Ar setname
.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns … Oc
.Ar filesystem Ns | Ns Ar volume
.
.Sh DESCRIPTION
.Bl -tag -width ""
.It Xo
.Nm zfs
.Cm allow
.Ar filesystem Ns | Ns Ar volume
.Xc
Displays permissions that have been delegated on the specified filesystem or
volume.
See the other forms of
.Nm zfs Cm allow
for more information.
.Pp
Delegations are supported under Linux with the exception of
.Sy mount ,
.Sy unmount ,
.Sy mountpoint ,
.Sy canmount ,
.Sy rename ,
and
.Sy share .
These permissions cannot be delegated because the Linux
.Xr mount 8
command restricts modifications of the global namespace to the root user.
.It Xo
.Nm zfs
.Cm allow
.Op Fl dglu
.Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns …
.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns …
.Ar filesystem Ns | Ns Ar volume
.Xc
.It Xo
.Nm zfs
.Cm allow
.Op Fl dl
.Fl e Ns | Ns Sy everyone
.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns …
.Ar filesystem Ns | Ns Ar volume
.Xc
Delegates ZFS administration permission for the file systems to non-privileged
users.
.Bl -tag -width "-d"
.It Fl d
Allow only for the descendent file systems.
.It Fl e Ns | Ns Sy everyone
Specifies that the permissions be delegated to everyone.
.It Fl g Ar group Ns Oo , Ns Ar group Oc Ns …
Explicitly specify that permissions are delegated to the group.
.It Fl l
Allow
.Qq locally
only for the specified file system.
.It Fl u Ar user Ns Oo , Ns Ar user Oc Ns …
Explicitly specify that permissions are delegated to the user.
.It Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns …
Specifies to whom the permissions are delegated.
Multiple entities can be specified as a comma-separated list.
If neither of the
.Fl gu
options is specified, then the argument is interpreted preferentially as the
keyword
.Sy everyone ,
then as a user name, and lastly as a group name.
To specify a user or group named
.Qq everyone ,
use the
.Fl g
or
.Fl u
options.
To specify a group with the same name as a user, use the
.Fl g
option.
.It Xo
.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns …
.Xc
The permissions to delegate.
Multiple permissions may be specified as a comma-separated list.
Permission names are the same as ZFS subcommand and property names.
See the property list below.
Property set names, which begin with
.Sy @ ,
may be specified.
See the
.Fl s
form below for details.
.El
.Pp
If neither of the
.Fl dl
options is specified, or both are, then the permissions are allowed for the
file system or volume, and all of its descendents.
.Pp
Permissions are generally the ability to use a ZFS subcommand or change a ZFS
property.
The following permissions are available:
.TS
l l l .
NAME	TYPE	NOTES
_	_	_
allow	subcommand	Must also have the permission that is being allowed
bookmark	subcommand
clone	subcommand	Must also have the \fBcreate\fR ability and \fBmount\fR ability in the origin file system
create	subcommand	Must also have the \fBmount\fR ability. Must also have the \fBrefreservation\fR ability to create a non-sparse volume.
destroy	subcommand	Must also have the \fBmount\fR ability
diff	subcommand	Allows lookup of paths within a dataset given an object number, and the ability to create snapshots necessary to \fBzfs diff\fR.
hold	subcommand	Allows adding a user hold to a snapshot
load	subcommand	Allows loading and unloading of encryption key (see \fBzfs load-key\fR and \fBzfs unload-key\fR).
change	subcommand	Allows changing an encryption key via \fBzfs change-key\fR.
mount	subcommand	Allows mounting/umounting ZFS datasets
promote	subcommand	Must also have the \fBmount\fR and \fBpromote\fR ability in the origin file system
receive	subcommand	Must also have the \fBmount\fR and \fBcreate\fR ability
release	subcommand	Allows releasing a user hold which might destroy the snapshot
rename	subcommand	Must also have the \fBmount\fR and \fBcreate\fR ability in the new parent
rollback	subcommand	Must also have the \fBmount\fR ability
send	subcommand
share	subcommand	Allows sharing file systems over NFS or SMB protocols
snapshot	subcommand	Must also have the \fBmount\fR ability

groupquota	other	Allows accessing any \fBgroupquota@\fI...\fR property
groupused	other	Allows reading any \fBgroupused@\fI...\fR property
userprop	other	Allows changing any user property
userquota	other	Allows accessing any \fBuserquota@\fI...\fR property
userused	other	Allows reading any \fBuserused@\fI...\fR property
projectobjquota	other	Allows accessing any \fBprojectobjquota@\fI...\fR property
projectquota	other	Allows accessing any \fBprojectquota@\fI...\fR property
projectobjused	other	Allows reading any \fBprojectobjused@\fI...\fR property
projectused	other	Allows reading any \fBprojectused@\fI...\fR property

aclinherit	property
acltype	property
atime	property
canmount	property
casesensitivity	property
checksum	property
compression	property
copies	property
devices	property
exec	property
filesystem_limit	property
mountpoint	property
nbmand	property
normalization	property
primarycache	property
quota	property
readonly	property
recordsize	property
refquota	property
refreservation	property
reservation	property
secondarycache	property
setuid	property
sharenfs	property
sharesmb	property
snapdir	property
snapshot_limit	property
utf8only	property
version	property
volblocksize	property
volsize	property
vscan	property
xattr	property
zoned	property
.TE
.It Xo
.Nm zfs
.Cm allow
.Fl c
.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns …
.Ar filesystem Ns | Ns Ar volume
.Xc
Sets
.Qq create time
permissions.
These permissions are granted
.Pq locally
to the creator of any newly-created descendent file system.
.It Xo
.Nm zfs
.Cm allow
.Fl s No @ Ns Ar setname
.Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns …
.Ar filesystem Ns | Ns Ar volume
.Xc
Defines or adds permissions to a permission set.
The set can be used by other
.Nm zfs Cm allow
commands for the specified file system and its descendents.
Sets are evaluated dynamically, so changes to a set are immediately reflected.
Permission sets follow the same naming restrictions as ZFS file systems, but the
name must begin with
.Sy @ ,
and can be no more than 64 characters long.
.It Xo
.Nm zfs
.Cm unallow
.Op Fl dglru
.Ar user Ns | Ns Ar group Ns Oo , Ns Ar user Ns | Ns Ar group Oc Ns …
.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns … Oc
.Ar filesystem Ns | Ns Ar volume
.Xc
.It Xo
.Nm zfs
.Cm unallow
.Op Fl dlr
.Fl e Ns | Ns Sy everyone
.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns … Oc
.Ar filesystem Ns | Ns Ar volume
.Xc
.It Xo
.Nm zfs
.Cm unallow
.Op Fl r
.Fl c
.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns … Oc
.Ar filesystem Ns | Ns Ar volume
.Xc
Removes permissions that were granted with the
.Nm zfs Cm allow
command.
No permissions are explicitly denied, so other permissions granted are still in
effect, for example if the same permission is also granted by an ancestor.
If no permissions are specified, then all permissions for the specified
.Ar user ,
.Ar group ,
or
.Sy everyone
are removed.
Specifying
.Sy everyone
.Po or using the
.Fl e
option
.Pc
only removes the permissions that were granted to everyone, not all permissions
for every user and group.
See the
.Nm zfs Cm allow
command for a description of the
.Fl ldugec
options.
.Bl -tag -width "-r"
.It Fl r
Recursively remove the permissions from this file system and all descendents.
.El
.It Xo
.Nm zfs
.Cm unallow
.Op Fl r
.Fl s No @ Ns Ar setname
.Oo Ar perm Ns | Ns @ Ns Ar setname Ns Oo , Ns Ar perm Ns | Ns @ Ns
.Ar setname Oc Ns … Oc
.Ar filesystem Ns | Ns Ar volume
.Xc
Removes permissions from a permission set.
If no permissions are specified, then all permissions are removed, thus removing
the set entirely.
.El

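Worked as an added example, covering the permission table (its "Must also have" notes), the Linux caveat in the DESCRIPTION, and the set-name rule of the -s form: a shell helper that is not part of OpenZFS or of this manual page. It expands a requested permission list to include the documented prerequisites, reports which of those the page says cannot be delegated under Linux, validates a permission-set name, and prints (rather than runs) the resulting zfs allow command. The function names, the dry-run output and the character class assumed for set names are this example's own; the prerequisite data is taken from the table above.

```shell
#!/bin/sh
# Added example; not part of OpenZFS or of this manual page. It encodes three
# things stated above: the "Must also have" prerequisites from the permission
# table, the permissions the DESCRIPTION says cannot be delegated under Linux,
# and the naming rule for permission sets from the -s form. Function names,
# the dry-run output and the set-name character class are this example's own.

# Same-dataset prerequisites per the NOTES column. Abilities needed in another
# dataset (clone/promote in the origin, rename in the new parent) and the
# request-dependent rule for "allow" cannot be expressed here and are left out.
deps_for() {
    case "$1" in
        create|destroy|rollback|snapshot) echo "mount" ;;
        receive|rename)                   echo "mount create" ;;
        clone)                            echo "create mount" ;;
        promote)                          echo "mount" ;;
        *)                                echo "" ;;
    esac
}

# expand_perms PERMS: PERMS is a comma-separated list as passed to zfs allow.
# Prints the requested permissions plus all transitive prerequisites, sorted
# and space-separated, so a delegation does not fail for want of "mount".
expand_perms() {
    todo=$(printf '%s' "$1" | tr ',' ' ')
    seen=" "
    while [ -n "$todo" ]; do
        set -- $todo          # word-split the work list
        p=$1
        shift
        todo="$*"
        case "$seen" in *" $p "*) continue ;; esac
        seen="$seen$p "
        for d in $(deps_for "$p"); do
            case "$seen" in *" $d "*) ;; *) todo="$todo $d" ;; esac
        done
    done
    echo $(printf '%s\n' $seen | sort)
}

# linux_undelegatable PERMS: the part of the closure that the DESCRIPTION lists
# as not delegatable under Linux, so the administrator sees up front that the
# grant will not be complete on that platform.
linux_undelegatable() {
    out=""
    for p in $(expand_perms "$1"); do
        case " mount unmount mountpoint canmount rename share " in
            *" $p "*) out="$out $p" ;;
        esac
    done
    echo $out
}

# valid_setname NAME: a permission set name begins with '@' and is at most 64
# characters long (both from the -s form above). The characters allowed after
# '@' are assumed here to be zfs component characters: alphanumerics _ - : .
valid_setname() {
    name=$1
    case "$name" in
        @?*) ;;
        *) return 1 ;;
    esac
    [ "${#name}" -le 64 ] || return 1
    case "${name#@}" in
        *[!A-Za-z0-9_.:-]*) return 1 ;;
    esac
    return 0
}

# build_allow WHO PERMS DATASET: prints (does not run) the zfs allow command
# with the closed permission list, e.g. WHO="-u backup".
build_allow() {
    perms=$(expand_perms "$2" | tr ' ' ',')
    echo "zfs allow $1 $perms $3"
}

build_allow "-u backup" snapshot,send tank/data
# prints: zfs allow -u backup mount,send,snapshot tank/data
linux_undelegatable snapshot,send
# prints: mount
```

The closure is what makes the grant both minimal and sufficient: a backup account that is given only snapshot and send would be refused on snapshot creation, since the table makes mount a prerequisite, while adding permissions beyond the closure widens the delegation for no operational gain. The second call shows the same list checked against the Linux caveat, which is where the page says the mount prerequisite cannot be satisfied by delegation.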