[Bug 219433] ZFS volume cannot be created by delegated user

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sun May 21 08:20:15 UTC 2017 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219433

            Bug ID: 219433
           Summary: ZFS volume cannot be created by delegated user
           Product: Base System
           Version: 11.0-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: p5B2E9A8F at t-online.de

While creating a zfs filesystem by a delegated user works fine, creating a zfs
volume fails:


# zfs allow mypool
---- Permissions on mypool --------------------------------------------
Permission sets:
        @container
clone,create,destroy,mount,mountpoint,promote,reservation,rollback,snapshot,volblocksize,volsize

# zfs create mypool/container
# zfs allow -u myuser @container mypool/container
# su myuser

$ zfs allow mypool/container
---- Permissions on mypool/container ----------------------------------
Local+Descendent permissions:
        user myuser @container
---- Permissions on mypool --------------------------------------------
Permission sets:
        @container
clone,create,destroy,mount,mountpoint,promote,reservation,rollback,snapshot,volblocksize,volsize

$ zfs create -o mountpoint=legacy mypool/container/myfilesystem
$ zfs list -r mypool/container
NAME                            USED  AVAIL  REFER  MOUNTPOINT
mypool/container                192K  50,3G    96K  /mypool/container
mypool/container/myfilesystem    96K  50,3G    96K  legacy

$ zfs create -V 128m mypool/container/myvolume
cannot create 'mypool/container/myvolume': permission denied

>From man 8 zfs delegating operations on volumes should be possible, no word is
found that creation of volumes is exempt:

zfs allow filesystem|volume
     zfs allow [-ldug] user|group[,user|group]...
         perm|@setname[,perm|@setname]... filesystem|volume
     zfs allow [-ld] -e|everyone perm|@setname[,perm|@setname]...
         filesystem|volume
     zfs allow -c perm|@setname[,perm|@setname]... filesystem|volume
     zfs allow -s @setname perm|@setname[,perm|@setname]... filesystem|volume

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list