Tuesday, July 3, 2012

delegating the right of create/destroy snapshot in non global zone on Solaris10


I'd like to grant the right of creating/destroying snapshots (in a non 
global zone) 
to an ordinary unix user but the way written in some tutorial does not work. 

It seems so that the 'zfs' command does not know 
the 'allow' subcommand in a non global zone on Solaris10. 
Even when used by the zone administrator (see below). 

Some idea? 
/# uname -a 
SunOS Fire445z1 5.10 Generic_125100-07 sun4u sparc SUNW,Sun-Fire-V445 
/# zfs allow testpool/zones/zone1_ds/zfs-KBC 
unrecognized command 'allow' 
usage: zfs command args ... 
where 'command' is one of the following: 

create <filesystem> 
create [-s] [-b blocksize] -V <size> <volume> 
destroy [-rRf] <filesystem|volume|snapshot> 

snapshot [-r] <filesystem@name|volume@name> 
rollback [-rRf] <snapshot> 
clone <snapshot> <filesystem|volume> 
promote <clone filesystem> 
rename <filesystem|volume|snapshot> <filesystem|volume|snapshot> 

list [-rH] [-o property[,property]...] [-t type[,type]...] 
[filesystem|volume|snapshot] ... 

set <property=value> <filesystem|volume> ... 
get [-rHp] [-o field[,field]...] [-s source[,source]...] 
<all | property[,property]...> <filesystem|volume|snapshot> ... 
inherit [-r] <property> <filesystem|volume> ... 

mount [-o opts] [-O] -a 
mount [-o opts] [-O] <filesystem> 

unmount [-f] -a 
unmount [-f] <filesystem|mountpoint> 

share -a 
share <filesystem> 

unshare [-f] -a 
unshare [-f] <filesystem|mountpoint> 

send [-i <snapshot>] <snapshot> 
receive [-vn] <filesystem|volume|snapshot> 
receive [-vn] -d <filesystem> 

Each dataset is of the form: pool/[dataset/]*dataset[@name] 

For the property list, run: zfs set|get 

ORMOS, Zolt???n 
Does "zfs list" work in the zone for you? What version of zfs are you 
running (what does "zfs upgrade -v" show)? 

"zfs list" works fine for zone administrator & for zone user too
Your Solaris 10 version is pretty old. You should probably be installing the latest Recommended Patches or using smpatch to update your system. 
What does this return? 

# showrev -p | grep SUNWzfs | cut -f2 -d' ' | sort -u 

It's likely Bernie is right, and your zfs is the original version and not up 
to date. 


Post a Comment

Design by BABU | Dedicated to grandfather | welcome to BABU-UNIX-FORUM