New in version 2.8.
zfs allow section of zfs(1M) for detailed explanations of options.The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments |
|---|---|---|
|
descendents
boolean
|
|
Apply permissions to
name's descendents (zfs allow -d). |
|
everyone
boolean
|
|
Apply permissions to everyone.
|
|
groups
list
|
List of groups to whom permission(s) should be granted.
|
|
|
local
boolean
|
|
Apply permissions to
name locally (zfs allow -l). |
|
name
string
/ required
|
File system or volume name e.g.
rpool/myfs. |
|
|
permissions
list
|
|
The list of permission(s) to delegate (required if
state is present). |
|
recursive
boolean
|
|
Unallow permissions recursively (ignored when
state is present). |
|
state
-
/ required
|
|
Whether to allow (
present), or unallow (absent) a permission.When set to
present, at least one "entity" param of users, groups, or everyone are required.When set to
absent, removes permissions from the specified entities, or removes all permissions if no entity params are specified. |
|
users
list
|
List of users to whom permission(s) should be granted.
|
- name: Grant `zfs allow` and `unallow` permission to the `adm` user with the default local+descendents scope
zfs_delegate_admin:
name: rpool/myfs
users: adm
permissions: allow,unallow
- name: Grant `zfs send` to everyone, plus the group `backup`
zfs_delegate_admin:
name: rpool/myvol
groups: backup
everyone: yes
permissions: send
- name: Grant `zfs send,receive` to users `foo` and `bar` with local scope only
zfs_delegate_admin:
name: rpool/myfs
users: foo,bar
permissions: send,receive
local: yes
- name: Revoke all permissions from everyone (permissions specifically assigned to users and groups remain)
- zfs_delegate_admin:
name: rpool/myfs
everyone: yes
state: absent
Hint
If you notice any issues in this documentation you can edit this document to improve it.