New in version 2.8.
zfs allow
section of zfs(1M
) for detailed explanations of options.The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments |
---|---|---|
descendents
boolean
|
|
Apply permissions to
name 's descendents (zfs allow -d ). |
everyone
boolean
|
|
Apply permissions to everyone.
|
groups
list
|
List of groups to whom permission(s) should be granted.
|
|
local
boolean
|
|
Apply permissions to
name locally (zfs allow -l ). |
name
string
/ required
|
File system or volume name e.g.
rpool/myfs . |
|
permissions
list
|
|
The list of permission(s) to delegate (required if
state is present ). |
recursive
boolean
|
|
Unallow permissions recursively (ignored when
state is present ). |
state
-
/ required
|
|
Whether to allow (
present ), or unallow (absent ) a permission.When set to
present , at least one "entity" param of users, groups, or everyone are required.When set to
absent , removes permissions from the specified entities, or removes all permissions if no entity params are specified. |
users
list
|
List of users to whom permission(s) should be granted.
|
- name: Grant `zfs allow` and `unallow` permission to the `adm` user with the default local+descendents scope
zfs_delegate_admin:
name: rpool/myfs
users: adm
permissions: allow,unallow
- name: Grant `zfs send` to everyone, plus the group `backup`
zfs_delegate_admin:
name: rpool/myvol
groups: backup
everyone: yes
permissions: send
- name: Grant `zfs send,receive` to users `foo` and `bar` with local scope only
zfs_delegate_admin:
name: rpool/myfs
users: foo,bar
permissions: send,receive
local: yes
- name: Revoke all permissions from everyone (permissions specifically assigned to users and groups remain)
- zfs_delegate_admin:
name: rpool/myfs
everyone: yes
state: absent
Hint
If you notice any issues in this documentation you can edit this document to improve it.