#include <sys/dmu.h>
#include <sys/dsl_pool.h>
#include <sys/zfs_context.h>

Include dependency graph for dsl_deleg.h:

This graph shows which files directly or indirectly include this file:

Defines
#define	ZFS_DELEG_PERM_NONE ""
#define	ZFS_DELEG_PERM_CREATE "create"
#define	ZFS_DELEG_PERM_DESTROY "destroy"
#define	ZFS_DELEG_PERM_SNAPSHOT "snapshot"
#define	ZFS_DELEG_PERM_ROLLBACK "rollback"
#define	ZFS_DELEG_PERM_CLONE "clone"
#define	ZFS_DELEG_PERM_PROMOTE "promote"
#define	ZFS_DELEG_PERM_RENAME "rename"
#define	ZFS_DELEG_PERM_MOUNT "mount"
#define	ZFS_DELEG_PERM_SHARE "share"
#define	ZFS_DELEG_PERM_SEND "send"
#define	ZFS_DELEG_PERM_RECEIVE "receive"
#define	ZFS_DELEG_PERM_ALLOW "allow"
#define	ZFS_DELEG_PERM_USERPROP "userprop"
#define	ZFS_DELEG_PERM_VSCAN "vscan"
#define	ZFS_DELEG_PERM_USERQUOTA "userquota"
#define	ZFS_DELEG_PERM_GROUPQUOTA "groupquota"
#define	ZFS_DELEG_PERM_USERUSED "userused"
#define	ZFS_DELEG_PERM_GROUPUSED "groupused"
#define	ZFS_DELEG_PERM_HOLD "hold"
#define	ZFS_DELEG_PERM_RELEASE "release"
#define	ZFS_DELEG_PERM_DIFF "diff"
Functions
int	dsl_deleg_get (const char ddname, nvlist_t *nvp)
	Find all 'allow' permissions from a given point and then continue traversing up to the root.
int	dsl_deleg_set (const char ddname, nvlist_t nvp, boolean_t unset)
int	dsl_deleg_access (const char ddname, const char perm, cred_t *cr)
int	dsl_deleg_access_impl (struct dsl_dataset ds, boolean_t descendent, const char perm, cred_t *cr)
	Check if user has requested permission.
void	dsl_deleg_set_create_perms (dsl_dir_t dd, dmu_tx_t tx, cred_t *cr)
	Set all create time permission on new dataset.
int	dsl_deleg_can_allow (char ddname, nvlist_t nvp, cred_t *cr)
	Validate that user is allowed to delegate specified permissions.
int	dsl_deleg_can_unallow (char ddname, nvlist_t nvp, cred_t *cr)
	Validate that user is allowed to unallow specified permissions.
int	dsl_deleg_destroy (objset_t os, uint64_t zapobj, dmu_tx_t tx)
boolean_t	dsl_delegation_on (objset_t *os)

Define Documentation

#define ZFS_DELEG_PERM_ALLOW "allow"

Definition at line 49 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_CLONE "clone"

Definition at line 42 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_CREATE "create"

Definition at line 38 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_DESTROY "destroy"

Definition at line 39 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_DIFF "diff"

Definition at line 58 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_GROUPQUOTA "groupquota"

Definition at line 53 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_GROUPUSED "groupused"

Definition at line 55 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_HOLD "hold"

Definition at line 56 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_MOUNT "mount"

Definition at line 45 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_NONE ""

Definition at line 37 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_PROMOTE "promote"

Definition at line 43 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_RECEIVE "receive"

Definition at line 48 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_RELEASE "release"

Definition at line 57 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_RENAME "rename"

Definition at line 44 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_ROLLBACK "rollback"

Definition at line 41 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_SEND "send"

Definition at line 47 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_SHARE "share"

Definition at line 46 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_SNAPSHOT "snapshot"

Definition at line 40 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_USERPROP "userprop"

Definition at line 50 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_USERQUOTA "userquota"

Definition at line 52 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_USERUSED "userused"

Definition at line 54 of file dsl_deleg.h.

#define ZFS_DELEG_PERM_VSCAN "vscan"

Definition at line 51 of file dsl_deleg.h.

Function Documentation

int dsl_deleg_access	(	const char *	ddname,
		const char *	perm,
		cred_t *	cr
	)

Definition at line 640 of file dsl_deleg.c.

int dsl_deleg_access_impl	(	dsl_dataset_t *	ds,
		boolean_t	descendent,
		const char *	perm,
		cred_t *	cr
	)

Check if user has requested permission.

If descendent is set, must have descendent perms.

Definition at line 534 of file dsl_deleg.c.

int dsl_deleg_can_allow	(	char *	ddname,
		nvlist_t *	nvp,
		cred_t *	cr
	)

Validate that user is allowed to delegate specified permissions.

In order to delegate "create" you must have "create" and "allow".

Definition at line 95 of file dsl_deleg.c.

int dsl_deleg_can_unallow	(	char *	ddname,
		nvlist_t *	nvp,
		cred_t *	cr
	)

Validate that user is allowed to unallow specified permissions.

They must have the 'allow' permission, and even then can only unallow perms for their uid.

Definition at line 128 of file dsl_deleg.c.

int dsl_deleg_destroy	(	objset_t *	os,
		uint64_t	zapobj,
		dmu_tx_t *	tx
	)

Definition at line 727 of file dsl_deleg.c.

int dsl_deleg_get	(	const char *	ddname,
		nvlist_t **	nvp
	)

Find all 'allow' permissions from a given point and then continue traversing up to the root.

This function constructs an nvlist of nvlists. each setpoint is an nvlist composed of an nvlist of an nvlist of the individual * users/groups/everyone/create permissions.

The nvlist will look like this.

{ source fsname -> { whokeys { permissions,...}, ...}}

The fsname nvpairs will be arranged in a bottom up order. For example, if we have the following structure a/b/c then the nvpairs for the fsnames will be ordered a/b/c, a/b, a.

Definition at line 295 of file dsl_deleg.c.

int dsl_deleg_set	(	const char *	ddname,
		nvlist_t *	nvp,
		boolean_t	unset
	)

Definition at line 249 of file dsl_deleg.c.

void dsl_deleg_set_create_perms	(	dsl_dir_t *	dd,
		dmu_tx_t *	tx,
		cred_t *	cr
	)

Set all create time permission on new dataset.

Definition at line 706 of file dsl_deleg.c.

boolean_t dsl_delegation_on ( objset_t * os )

Definition at line 747 of file dsl_deleg.c.

sys/dsl_deleg.h File Reference

Defines

Functions

Define Documentation

Function Documentation