Delegate zpool export


 
Thread Tools Search this Thread
Operating Systems Solaris Delegate zpool export
# 1  
Old 09-30-2015
Delegate zpool export

I have a role.

lets call it "Oracle Backup"

that role has the following profiles:
Code:
oraback@devl0:~$ profiles
formaters
zoneadm
Oracle Backup
ZFS File System Management
ZFS Storage Management
Basic Solaris User
All

but when I try to export a zpool:
Code:
oraback@devl0:~$ zpool export db_tmp
cannot export 'db_tmp': permission denied

what gives?
# 2  
Old 10-01-2015
To find out which privileges are required for a program on Solaris OS the command is
Code:
ppriv -eD zpool export db_tmp

Also truss can be handy.
Using Privileges (Tasks) - Oracle Solaris Administration: Security Services

Regards
Peasant.
# 3  
Old 10-01-2015
yup did that.... only response was ioctl.
# 4  
Old 10-02-2015
As root:

Code:
zfs allow user mount db_tmp
usermod -K defaultpriv=basic,sys_config user

zpool export command should now work for db_tmp.

Please note a sys_config privilege, it is a monster, you might want to be careful in giving that.

Why give users ability to export zpools ?
Rather delegate ZFS filesystems permissions, without modifying users privileges...
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. BSD

Zpool problem

Hi I have a problem with size on zfs filesystem on FreeBSD 9.2-RELEASE-p3. When I do this: free01# df -Th Filesystem Type Size Used Avail Capacity Mounted on /dev/ufs/FreeNASdde ufs 926M 826M 26M 97% / devfs devfs ... (1 Reply)
Discussion started by: primo102
1 Replies

2. Solaris

Zpool import/export error

A backup/clone script of ours was recently ran. It normally only clones the rpool and renames in rpoolA. Something must've changed as it found another one of our pools that it shouldn't have. It exported that pool unbeknownst to us. Later on when a coworker realized the other pool was missing he... (2 Replies)
Discussion started by: beantownmp
2 Replies

3. UNIX for Advanced & Expert Users

Solaris 10: I forgot to detach a zone before zpool export. Uninstall zone?

Dear all, recently, I migrated a solaris zone from one host to another. The zone was inside of a zpool. The zpool cotains two volumes. I did the following: host1: $ zlogin zone1 shutdown -y -g0 -i0 #Zone status changes from running to installed $ zpool export zone1 host2: $ zpool... (2 Replies)
Discussion started by: custos
2 Replies

4. Solaris

Shrinking zpool

Hello experts, I have a solaris 10 (SunOS 5.10 Generic_148888-05 sun4u sparc SUNW,SPARC-Enterprise) that by mistake I added a second san space of 700g to the pool. the whole pool is now 1.2T and, I need to take the space away from the pool and, make the pool 700g total. this is live oracle... (7 Replies)
Discussion started by: afadaghi
7 Replies

5. Solaris

How to tell what disks are used for a zpool?

Hello, Does anyone know how I can tell what disk are being not being used by a zpool? For example in Veritas Volume manager, I can run a "vxdisk list" and disks that are marked as "online invalid" are disk that are not used. I'm looking for a similar command in ZFS which will easily show... (5 Replies)
Discussion started by: robertinoau
5 Replies

6. Solaris

Zpool query

Hi, I have an X86pc with Solaris 10 and ZFS system. It has 8 similar disks. I need help in creating some zpools and changing the mount-point of a slice. Currently, the zpool in my system is like this: root@abcxxx>zpool status pool: rpool state: ONLINE scrub: none requested... (4 Replies)
Discussion started by: mystition
4 Replies

7. UNIX for Dummies Questions & Answers

Sudo to delegate permission from non-root user to another non-root user

I've been through many threads before i decide to create a separate thread. I can't really find the solution to my (simple) problem. Here's what I'm trying to achieve: As "canar" user I want to run a command, let's say "/opt/ocaml/bin/ocaml" as "duck" user. The only to achieve this is to... (1 Reply)
Discussion started by: canar
1 Replies

8. Solaris

ZPOOL help..

hi ... i have added a physical disk to the pool with ""zpool add <poolname> diskname"""... after that i realized that i have to mirror it instead..then i tried to take that disk out of the pool but i m not able to do that.. i have gone through many unix help sites , nothing worked , so please... (6 Replies)
Discussion started by: yrajendergoud
6 Replies

9. Solaris

need zpool to revert...

hi i have created a pool using zpool command for my /dev/dsk/c1d0s3 disk. The poolname is qwertyuiopasdfghjklmnbvcxzzxcvbnmasdfghjklqwertyuiopoiuytrewqasdfghjklkjhgfdsazxcvbnmmnbnbcxczxzassd ddddvfhfghgjjgjhgkhkljfjlhohihiuyuioyguioyguiowyuiogwyuigwrigywuigyguiyuiogyugiyguioyuyguiowygiuygui... (1 Reply)
Discussion started by: SankarV
1 Replies
Login or Register to Ask a Question