5 Replies Latest reply: May 23, 2013 12:30 PM by 988801 RSS

    zfs file inhertance

    762955
      I am a bit confused about how to properly setup file inheritance at the directory level. So that I can set that the proper inheritance basically I want to files in inheritance permission from the folder they are in. Let’s say I have a folder called foo and I want the files in foo to inherent read permissions. I believe the ACL is setup right IE chmod+user:testuser:r:f:allow foo/ Which should give the user foo read access to all files in the foo directory assuming the inherit permissions from directory foo/ is correct. I then ran zfs set aclinherit=passthrough foo/ but get invalid dataset. What am I doing wrong?
        • 1. Re: zfs file inhertance
          Reidod
          Hi,

          The command: zfs set aclinherit=passthrough foo/

          should not end with /

          Regards,
          Rei
          • 2. Re: zfs file inhertance
            762955
            If i understand right zfs set aclinherit=passthrough foo command must be ran as root correct? I just have a noraml user account.
            • 3. Re: zfs file inhertance
              Cindys-Oracle
              I don't think there is a way by just using standard ACL permissions to allow inheritable permissions on file system objects in a file system that you don't rights to from the top-level.

              You'll need to be the root user or have the right administrative privileges to set this as a regular user. Your administrator would need to delegate permissions for you to manage the foo file system. See the example below where user amy is delegated administrative permissions to manage pond/data.

              http://docs.oracle.com/cd/E26505_01/html/E37384/gebxb.html#scrolltoc

              Thanks, Cindy

              # chmod A+user:amy:add_subdirectory:fd:allow pond/data
              # zfs allow amy create,destroy,mount,aclinherit pond/data
              # su - amy
              Oracle Corporation SunOS 5.10 Generic Patch January 2005
              $ /usr/sbin/zfs set aclinherit=passthrough pond/data
              • 4. Re: zfs file inhertance
                762955
                I figured either root or delegated permissions would be required but wanted to make sure I understood correctly. If I have file inheritance with pass though enabled by the root user then the ACL inheritance should work correct after running the below command as a standard user?
                run as root zfs set aclinherit=passthrough foo
                than as a standard user run chmod A+user:gozer:read_data:file_inherit:allow foo

                or would both commands require root or delegated permissions in order to work. I am able to run chmod A+user:gozer:read_data:file_inherit:allow foo but file inheritance won’t work since that requires root or delegated permissions.

                Thanks for your input.
                • 5. Re: zfs file inhertance
                  988801
                  Hi,

                  this command is not correct when doing inheritance chmod+user:testuser:r:f:allow foo/ . If I read correctly, r (is for read) f, is for file_inherit

                  Run this command as the owner of the file or if you are root

                  # chmod A+user:testuser:r:f:allow foo

                  That should do the trick.

                  Thanks

                  Arrey