Creating Volume-Level ACLs from the Command Line
Describes how to use the Command Line to control access to a volume.
To create an ACL at the command line, use the acl set
command to
specify a list of authorized users (or groups) and the actions they are allowed to
perform.
The syntax is:
maprcli acl set -type volume -name <volume name>
[-user <username>:<action> -group <groupname>:<action>]
Include spaces between multiple entries, such as a list of usernames and their associated permission levels (or actions). Each allowed action has a permission code associated with it. The codes are explained below.
Permission Code | Allowed Action |
---|---|
dump | Dump or back up the volume |
restore | Restore or mirror the volume |
m | Modify the volume's properties |
d | Delete the volume |
a | Administrator (can edit and view ACLs, but cannot perform volume operations) |
fc | Full control over the volume (this enables all volume-related administrative options with the exception of changing the volume ACLs) |
Example
This example shows how to create an ACL for a volume named test-volume
that allows full control over volume ACLs for user rjones
. In addition, all
users in the developers
group are given permission to dump, restore, and
modify volume properties.
maprcli acl set -type volume -name test-volume -user rjones:fc
-group developers:dump,restore,m