I would like to make a couple of additions to the proposed model.
Permission Sets.
Allow the administrator to define a named set of permissions, and then
use the name as a permission later on. Permission sets would be
evaluated dynamically, so that changing the set definition would
Mark Shellenbaum wrote:
Darren J Moffat wrote:
Bill La Forge wrote:
I like to think of delegation as being a bit different than granting
permision--in fact, as a special permission that may include counts.
For example, you might delegate to a manager the ability to grant
select permissions.
Darren J Moffat wrote:
Mark Shellenbaum wrote:
Darren J Moffat wrote:
Bill La Forge wrote:
I like to think of delegation as being a bit different than granting
permision--in fact, as a special permission that may include counts.
For example, you might delegate to a manager the ability to
Mark Shellenbaum wrote:
The following is the delegated admin model that Matt and I have been
working on. At this point we are ready for your feedback on the
proposed model.
-Mark
PERMISSION GRANTING
zfs
Mark Shellenbaum wrote:
Glenn Skinner wrote:
The following is a nit-level comment, so I've directed it onl;y to you,
rather than to the entire list.
Date: Mon, 17 Jul 2006 09:57:35 -0600
From: Mark Shellenbaum [EMAIL PROTECTED]
Subject: [zfs-discuss] Proposal: delegated
Jeff Bonwick wrote:
PERMISSION GRANTING
zfs allow [-l] [-d] everyone|user|group ability[,ability...] \
...
zfs unallow dataset [-r] [-l] [-d]
If we're going to use English words, it should be allow and disallow.
The problem with 'disallow' is that it implies
Jeff Bonwick wrote:
PERMISSION GRANTING
zfs allow [-l] [-d] everyone|user|group ability[,ability...] \
...
zfs unallow dataset [-r] [-l] [-d]
If we're going to use English words, it should be allow and disallow.
The problem with 'disallow' is that it implies precluding a
On 7/18/06, Mark Shellenbaum [EMAIL PROTECTED] wrote:
Darren J Moffat wrote:
Bill La Forge wrote:
I like to think of delegation as being a bit different than granting
permision--in fact, as a special permission that may include counts.
For example, you might delegate to a manager the
Matthew Ahrens wrote:
On Mon, Jul 17, 2006 at 09:44:28AM -0700, Bart Smaalders wrote:
Mark Shellenbaum wrote:
PERMISSION GRANTING
zfs allow -c ability[,ability...] dataset
-c Create means that the permission will be granted (Locally) to the
creator on any newly-created descendant
Bart Smaalders wrote:
Matthew Ahrens wrote:
On Mon, Jul 17, 2006 at 09:44:28AM -0700, Bart Smaalders wrote:
Mark Shellenbaum wrote:
PERMISSION GRANTING
zfs allow -c ability[,ability...] dataset
-c Create means that the permission will be granted (Locally) to the
creator on any
On Mon, Jul 17, 2006 at 10:00:44AM -0700, Bart Smaalders wrote:
So as administrator what do I need to do to set
/export/home up for users to be able to create their own
snapshots, create dependent filesystems (but still mounted
underneath their /export/home/usrname)?
In other words, is
Matthew Ahrens wrote:
On Mon, Jul 17, 2006 at 10:00:44AM -0700, Bart Smaalders wrote:
So as administrator what do I need to do to set
/export/home up for users to be able to create their own
snapshots, create dependent filesystems (but still mounted
underneath their /export/home/usrname)?
In
On Mon, Jul 17, 2006 at 10:11:35AM -0700, Matthew Ahrens wrote:
I want root to create a new filesystem for a new user under
the /export/home filesystem, but then have that user get the
right privs via inheritance rather than requiring root to run
a set of zfs commands.
In that case, how
On 7/17/06, Mark Shellenbaum [EMAIL PROTECTED] wrote:
The following is the delegated admin model that Matt and I have been
working on. At this point we are ready for your feedback on the
proposed model.
-Mark
PERMISSION GRANTING
zfs allow [-l] [-d] everyone|user|group
Glenn Skinner wrote:
The following is a nit-level comment, so I've directed it onl;y to you,
rather than to the entire list.
Date: Mon, 17 Jul 2006 09:57:35 -0600
From: Mark Shellenbaum [EMAIL PROTECTED]
Subject: [zfs-discuss] Proposal: delegated administration
The following is
James Dickens wrote:
On 7/17/06, Mark Shellenbaum [EMAIL PROTECTED] wrote:
The following is the delegated admin model that Matt and I have been
working on. At this point we are ready for your feedback on the
proposed model.
-Mark
PERMISSION GRANTING
zfs allow [-l] [-d]
16 matches
Mail list logo