openzfs/zfs

zfs redact should have a separate delegatable permissions

Open

#10,296 opened on May 6, 2020

View on GitHub
 (0 comments) (0 reactions) (0 assignees)C (9,908 stars) (1,703 forks)batch import
Type: Featuregood first issue

Description

zfs redact currently uses the secpolicy_config, restricting its use to users who can modify the pool's config. There's no reason to restrict such a command so tightly; it should have a delegatable permission, like most other zfs ioctls.

Contributor guide

Tech stack
c
Domain
authenticationauthorization
Issue type
feature
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
4
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
over 1 week
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
stale
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
clear
Prerequisites
Understanding of ZFS permission modelC programming experienceFamiliarity with ZFS ioctl interface
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
15
Research direction
Examine how other ZFS ioctls define their own delegatable permissions, for example by searching for 'zfs secpolicy' or 'zfs deleg' in the codebase. Look at existing permissions like 'ZFS DELEG PERM DESTROY' or 'ZFS DELEG PERM SNAPSHOT' to understand the pattern. Then implement a new permission for 'zfs redact' following the same structure, modifying the relevant policy check in the redact ioctl handler.