On Feb 20, 2013, at 3:27 PM, Tim Cook <t...@cook.ms> wrote:
> On Wed, Feb 20, 2013 at 5:09 PM, Richard Elling <richard.ell...@gmail.com>
> On Feb 20, 2013, at 2:49 PM, Markus Grundmann <mar...@freebsduser.eu> wrote:
>> My name is Markus and I living in germany. I'm new to this list and I have a
>> simple question
>> related to zfs. My favorite operating system is FreeBSD and I'm very happy
>> to use zfs on them.
>> It's possible to enhance the properties in the current source tree with an
>> entry like "protected"?
>> I find it seems not to be difficult but I'm not an professional C
>> programmer. For more information
>> please take a little bit of time and read my short post at
>> I have reviewed some pieces of the source code in FreeBSD 9.1 to find out
>> how difficult it was to
>> add an pool / filesystem property as an additional security layer for
>> Whenever I modify zfs pools or filesystems it's possible to destroy [on a
>> bad day :-)] my data. A new
>> property "protected=on|off" in the pool and/or filesystem can help the
>> administrator for datalost
>> (e.g. "zpool destroy tank" or "zfs destroy <tank/filesystem>" command will
>> be rejected
>> when "protected=on" property is set).
> Look at the delegable properties (zfs allow). For example, you can delegate a
> user to have
> specific privileges and then not allow them to destroy.
> Note: I'm only 99% sure this is implemented in FreeBSD, hopefully someone can
> -- richard
> With the version of allow I'm looking at, unless I'm missing a setting, it
> looks like it'd be a complete nightmare. I see no concept of "deny", so that
> means you either have to give *everyone* all permissions besides delete, or
> you have to go through every user/group on the box and give specific
> permissions and on top of not allowing destroy. And then if you change your
> mind later you have to go back through and give everyone you want to have
> that feature access to it. That seems like a complete PITA to me.
:-) they don't call it "idiot-proofing" for nothing! :-)
But seriously, one of the first great zfs-discuss wars was over the request for
"-f" flag for "destroy." The result of the research showed that if you typed
then you meant it, and adding a "-f" flag just teaches you to type "destroy -f"
See also "kill -9"
zfs-discuss mailing list