From owner-freebsd-current@FreeBSD.ORG Fri Dec 21 07:40:41 2007 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 966B516A421 for ; Fri, 21 Dec 2007 07:40:41 +0000 (UTC) (envelope-from rse@engelschall.com) Received: from visp1.engelschall.com (visp1.engelschall.com [194.97.152.140]) by mx1.freebsd.org (Postfix) with ESMTP id 5798613C455 for ; Fri, 21 Dec 2007 07:40:40 +0000 (UTC) (envelope-from rse@engelschall.com) Received: by visp1.engelschall.com (Postfix, from userid 21100) id 6126E135B9; Fri, 21 Dec 2007 08:40:06 +0100 (CET) Received: by en1.engelschall.com (Postfix, from userid 10000) id B4EF16DC87; Fri, 21 Dec 2007 08:33:06 +0100 (CET) Date: Fri, 21 Dec 2007 08:33:06 +0100 From: "Ralf S. Engelschall" To: Tai-hwa Liang Message-ID: <20071221073306.GA80957@engelschall.com> References: <20071220183502.GA26520@engelschall.com> <0712211026546.7829@www.mmlab.cse.yzu.edu.tw> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <0712211026546.7829@www.mmlab.cse.yzu.edu.tw> Organization: FreeBSD User-Agent: Mutt/1.5.17 OpenPKG/CURRENT (2007-11-01) Cc: freebsd-current@freebsd.org, "Ralf S. Engelschall" Subject: Re: "zfs list" as non-privileged user? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: "Ralf S. Engelschall" List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Dec 2007 07:40:41 -0000 On Fri, Dec 21, 2007, Tai-hwa Liang wrote: > On Thu, 20 Dec 2007, Ralf S. Engelschall wrote: >> I recognize that under FreeBSD 7 a simple "zfs list" as non-root just >> results in: >> >> | rse$ zfs list >> | internal error: failed to initialize ZFS library >> | rse$ _ >> >> Is this really intentional or just a bug? > > Is this non-root user in 'operator' group? No, it isn't. According to the /dev/zfs permissions I guess it is intended to be. But I nevertheless find it strange that even a simple "zfs list" requires operator privileges. As I said, this at least prevents people from checking the existance of snapshots on the filesystems their home directory resides on, etc. -- rse@FreeBSD.org Ralf S. Engelschall FreeBSD.org/~rse rse@engelschall.com FreeBSD committer www.engelschall.com