On Feb 20, 2013, at 2:49 PM, Markus Grundmann <mar...@freebsduser.eu> wrote:
> Hi! > > My name is Markus and I living in germany. I'm new to this list and I have a > simple question > related to zfs. My favorite operating system is FreeBSD and I'm very happy to > use zfs on them. > > It's possible to enhance the properties in the current source tree with an > entry like "protected"? > I find it seems not to be difficult but I'm not an professional C programmer. > For more information > please take a little bit of time and read my short post at > > http://forums.freebsd.org/showthread.php?t=37895 > > I have reviewed some pieces of the source code in FreeBSD 9.1 to find out how > difficult it was to > add an pool / filesystem property as an additional security layer for > administrators. > > Whenever I modify zfs pools or filesystems it's possible to destroy [on a bad > day :-)] my data. A new > property "protected=on|off" in the pool and/or filesystem can help the > administrator for datalost > (e.g. "zpool destroy tank" or "zfs destroy <tank/filesystem>" command will be > rejected > when "protected=on" property is set). Look at the delegable properties (zfs allow). For example, you can delegate a user to have specific privileges and then not allow them to destroy. Note: I'm only 99% sure this is implemented in FreeBSD, hopefully someone can verify. -- richard > > It's anywhere here on this list their can discuss/forward this feature > request? I hope you have > understand my post ;-) > > Thanks and best regards, > Markus > > _______________________________________________ > zfs-discuss mailing list > zfs-discuss@opensolaris.org > http://mail.opensolaris.org/mailman/listinfo/zfs-discuss -- richard.ell...@richardelling.com +1-760-896-4422
_______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss