Creating Volume-level ACLs from the Command Line

Describes how to use the Command Line to control access to a volume.

To create an ACL at the command line, use the acl set command to specify a list of authorized users (or groups) and the actions they are allowed to perform.

The syntax is:

maprcli acl set -type volume -name <volume name> 
[-user <username>:<action> -group <groupname>:<action>]

Include spaces between multiple entries, such as a list of usernames and their associated permission levels (or actions). Each allowed action has a permission code associated with it. The codes are explained below.

Permission Code Allowed Action
dump Dump or back up the volume
restore Restore or mirror the volume
m Modify the volume's properties
d Delete the volume
a Administrator (can edit and view ACLs, but cannot perform volume operations)
fc Full control over the volume (this enables all volume-related administrative options with the exception of changing the volume ACLs)

Example

This example shows how to create an ACL for a volume named test-volume that allows full control over volume ACLs for user rjones. In addition, all users in the developers group are given permission to dump, restore, and modify volume properties.

maprcli acl set -type volume -name test-volume -user rjones:fc 
-group developers:dump,restore,m