Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 21 May 2017 08:20:15 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-bugs@FreeBSD.org
Subject:   [Bug 219433] ZFS volume cannot be created by delegated user
Message-ID:  <bug-219433-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D219433

            Bug ID: 219433
           Summary: ZFS volume cannot be created by delegated user
           Product: Base System
           Version: 11.0-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: p5B2E9A8F@t-online.de

While creating a zfs filesystem by a delegated user works fine, creating a =
zfs
volume fails:


# zfs allow mypool
---- Permissions on mypool --------------------------------------------
Permission sets:
        @container
clone,create,destroy,mount,mountpoint,promote,reservation,rollback,snapshot=
,volblocksize,volsize

# zfs create mypool/container
# zfs allow -u myuser @container mypool/container
# su myuser

$ zfs allow mypool/container
---- Permissions on mypool/container ----------------------------------
Local+Descendent permissions:
        user myuser @container
---- Permissions on mypool --------------------------------------------
Permission sets:
        @container
clone,create,destroy,mount,mountpoint,promote,reservation,rollback,snapshot=
,volblocksize,volsize

$ zfs create -o mountpoint=3Dlegacy mypool/container/myfilesystem
$ zfs list -r mypool/container
NAME                            USED  AVAIL  REFER  MOUNTPOINT
mypool/container                192K  50,3G    96K  /mypool/container
mypool/container/myfilesystem    96K  50,3G    96K  legacy

$ zfs create -V 128m mypool/container/myvolume
cannot create 'mypool/container/myvolume': permission denied

>From man 8 zfs delegating operations on volumes should be possible, no word=
 is
found that creation of volumes is exempt:

zfs allow filesystem|volume
     zfs allow [-ldug] user|group[,user|group]...
         perm|@setname[,perm|@setname]... filesystem|volume
     zfs allow [-ld] -e|everyone perm|@setname[,perm|@setname]...
         filesystem|volume
     zfs allow -c perm|@setname[,perm|@setname]... filesystem|volume
     zfs allow -s @setname perm|@setname[,perm|@setname]... filesystem|volu=
me

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-219433-8>