[OpenIndiana-discuss] zfs snapshot script
Reginald Beardsley
pulaskite at yahoo.com
Sun May 1 15:23:25 UTC 2011
"Are there any permission tricks that would allow a script executed via ssh
to execute "zfs snapshot"??"
It's called setuid bit. There are a host of security concerns around setuid scripts and programs, so consider how you set things up and what your risks are.
Here's a rough approximation of a reasonably good way to implement what you want. Compile & link, setuid w/ chmod(1) and put some place where only the ssh account can access it (i.e. i a directory that only that account can access)..
Have Fun!
Reg
#include <unistd.h>
int main( int argc ,char* argv[] ){
exec( "/sbin/zfs snapshot %s" ,argv[1] );
}
More information about the OpenIndiana-discuss
mailing list