Describes the acl commands used to access control lists (ACLs).
Specify permissions for a user or group with a string that lists the permissions for that user or group. To specify permissions for multiple users or groups, use a string for each, separated by spaces. The format is as follows:
<user>:<action>[,<action>...][<user>:<action>[,<action...]]<group>:<action>[,<action>...][<group>:<action>[,<action...]]To use the acl edit command, you must have full control
(fc) permission on the cluster or volume for which you are running the
command.
The following tables list the permission codes used by the acl
commands.
|
Permission Code |
Allowed Action |
|---|---|
|
login |
Log in to the MapR Control System, use the API and command-line interface, read access on cluster and volumes. |
|
ss |
Start/stop services. |
|
cv |
Create volumes. |
|
a |
Administrative access to cluster ACLs. Grants no other permissions. |
|
fc |
Full control over the cluster. This enables all cluster-related administrative options with the exception of changing the cluster ACLs. |
| cp | Create security policies |
|
Code |
Allowed Action |
|---|---|
|
dump |
Dump the volume. |
|
restore |
Mirror or restore the volume. |
|
m |
Modify volume properties, create and delete snapshots. |
|
d |
Delete a volume. |
|
a |
Administrative access to volume ACLs. |
|
fc |
Full control (admin access and permission to change volume ACL). |
|
Code |
Allowed Action |
|---|---|
|
a (admin) |
View and modify the permissions on a security policy; cannot view or modify the security policy. |
|
fc (full control) |
View and modify the security policy, including data access ACEs; cannot view or modify the permissions on a security policy. |
|
r (read) |
View all parts of a security policy; cannot modify the security policy. |