summaryrefslogtreecommitdiffstats
path: root/man/man8/zpool.8
diff options
context:
space:
mode:
authorGiuseppe Di Natale <[email protected]>2017-06-05 13:52:15 -0400
committerBrian Behlendorf <[email protected]>2017-06-05 10:52:15 -0700
commit099700d9dff46309cdd16f4c4331daddb70d8570 (patch)
tree13383ee2af7cc69b0f790b3c3f70fbc61ae074fb /man/man8/zpool.8
parent92aceb2a7ee8c9367fdc901fed933f6f258173e0 (diff)
zpool iostat/status -c improvements
Users can now provide their own scripts to be run with 'zpool iostat/status -c'. User scripts should be placed in ~/.zpool.d to be included in zpool's default search path. Provide a script which can be used with 'zpool iostat|status -c' that will return the type of device (hdd, sdd, file). Provide a script to get various values from smartctl when using 'zpool iostat/status -c'. Allow users to define the ZPOOL_SCRIPTS_PATH environment variable which can be used to override the default 'zpool iostat/status -c' search path. Allow the ZPOOL_SCRIPTS_ENABLED environment variable to enable or disable 'zpool status/iostat -c' functionality. Use the new smart script to provide the serial command. Install /etc/sudoers.d/zfs file which contains the sudoer rule for smartctl as a sample. Allow 'zpool iostat/status -c' tests to run in tree. Reviewed-by: Tony Hutter <[email protected]> Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Giuseppe Di Natale <[email protected]> Closes #6121 Closes #6153
Diffstat (limited to 'man/man8/zpool.8')
-rw-r--r--man/man8/zpool.842
1 files changed, 25 insertions, 17 deletions
diff --git a/man/man8/zpool.8 b/man/man8/zpool.8
index ff3db440d..190b9dfc0 100644
--- a/man/man8/zpool.8
+++ b/man/man8/zpool.8
@@ -1550,14 +1550,13 @@ Run a script (or scripts) on each vdev and include the output in zpool iostat
.sp
The \fB-c\fR option allows you to run script(s) for each vdev and display the
output in zpool iostat. For security reasons, a user can only execute scripts
-found in the /<etc>/zfs/zpool.d directory as an unprivileged user. However, a
-privileged user can run \fB-c\fR if they have the ZPOOL_SCRIPTS_AS_ROOT
-environment variable set. If a script requires the use of a privileged
-command (like smartctl) then it's recommended you allow the user access to it in
-/etc/sudoers. For example, to allow user "zfsuser" access to "smartctl -a", add
-the following to /etc/sudoers:
-
-zfsuser ALL=NOPASSWD: /usr/sbin/smartctl -a /dev/sd[a-z]*, NOEXEC: /usr/sbin/smartctl -a /dev/sd[a-z]*`
+as an unprivileged user. By default, a user may run a script from ~/.zpool.d
+or /etc/zfs/zpool.d. The default search path can be overriden by setting
+the \fBZPOOL_SCRIPTS_PATH\fR environment variable. A privileged user can run
+\fB-c\fR if they have the \fBZPOOL_SCRIPTS_AS_ROOT\fR environment variable set.
+If a script requires the use of a privileged command (like \fBsmartctl(8)\fR)
+then it's recommended you allow the user access to it in /etc/sudoers or add
+the user to the /etc/sudoers.d/zfs file.
If \fB-c\fR is passed without a script name, it prints a list of all scripts.
\fB-c\fR also sets verbose mode (\fB-v\fR).
@@ -2148,15 +2147,14 @@ If a scrub or resilver is in progress, this command reports the percentage done
Run a script (or scripts) on each vdev and include the output in zpool status
.sp
The \fB-c\fR option allows you to run script(s) for each vdev and display the
-output in zpool iostat. For security reasons, a user can only execute scripts
-found in the /<etc>/zfs/zpool.d directory as an unprivileged user. However, a
-privileged user can run \fB-c\fR if they have the ZPOOL_SCRIPTS_AS_ROOT
-environment variable set. If a script requires the use of a privileged
-command (like smartctl) then it's recommended you allow the user access to it in
-/etc/sudoers. For example, to allow user "zfsuser" access to "smartctl -a", add
-the following to /etc/sudoers:
-
-zfsuser ALL=NOPASSWD: /usr/sbin/smartctl -a /dev/sd[a-z]*, NOEXEC: /usr/sbin/smartctl -a /dev/sd[a-z]*`
+output in zpool status. For security reasons, a user can only execute scripts
+as an unprivileged user. By default, a user may run a script from ~/.zpool.d
+or /etc/zfs/zpool.d. The default search path can be overriden by setting
+the \fBZPOOL_SCRIPTS_PATH\fR environment variable. A privileged user can run
+\fB-c\fR if they have the \fBZPOOL_SCRIPTS_AS_ROOT\fR environment variable set.
+If a script requires the use of a privileged command (like \fBsmartctl(8)\fR)
+then it's recommended you allow the user access to it in /etc/sudoers or add
+the user to the /etc/sudoers.d/zfs file.
If \fB-c\fR is passed without a script name, it prints a list of all scripts.
@@ -2727,6 +2725,16 @@ them on \fBzpool create\fR or \fBzpool add\fR by setting ZFS_VDEV_DEVID_OPT_OUT.
.B "ZPOOL_SCRIPTS_AS_ROOT"
Allow a privilaged user to run the \fBzpool status/iostat\fR with the \fB-c\fR
option. Normally, only unprivilaged users are allowed to run \fB-c\fR.
+.TP
+.B "ZPOOL_SCRIPTS_PATH"
+The search path for scripts when running \fBzpool status/iostat\fR with the \fB-c\fR
+option. This is a colon-separated list of directories and overrides the default
+~/.zpool.d and /etc/zfs/zpool.d search paths.
+.TP
+.B "ZPOOL_SCRIPTS_ENABLED"
+Allow a user to run \fBzpool status/iostat\fR with the \fB-c\fR option. If
+ZPOOL_SCRIPTS_ENABLED is not set, it is assumed that the user is allowed to
+run \fBzpool status/iostat -c\fR.
.SH SEE ALSO
.sp