community.general.zfs_delegate_admin – Manage ZFS delegated administration (user admin privileges)¶
This plugin is part of the community.general collection (version 2.2.0).
To install it use:
ansible-galaxy collection install community.general.
To use it in a playbook, specify:
Manages ZFS file system delegated administration permissions, which allow unprivileged users to perform ZFS operations normally restricted to the superuser.
zfs allowsection of
zfs(1M) for detailed explanations of options.
This module attempts to adhere to the behavior of the command line tool as much as possible.
The below requirements are needed on the host that executes this module.
A ZFS/OpenZFS implementation that supports delegation with zfs allow, including: Solaris >= 10, illumos (all versions), FreeBSD >= 8.0R, ZFS on Linux >= 0.7.0.
- name: Grant `zfs allow` and `unallow` permission to the `adm` user with the default local+descendents scope community.general.zfs_delegate_admin: name: rpool/myfs users: adm permissions: allow,unallow - name: Grant `zfs send` to everyone, plus the group `backup` community.general.zfs_delegate_admin: name: rpool/myvol groups: backup everyone: yes permissions: send - name: Grant `zfs send,receive` to users `foo` and `bar` with local scope only community.general.zfs_delegate_admin: name: rpool/myfs users: foo,bar permissions: send,receive local: yes - name: Revoke all permissions from everyone (permissions specifically assigned to users and groups remain) community.general.zfs_delegate_admin: name: rpool/myfs everyone: yes state: absent