Manual Pages
Table of Contents
na_fsecurity_apply - Creates a security job based on a
definition file and applies it to the file system.
fsecurity apply <definition file path> [<options>]
The fsecurity apply command reads a file generated in a
valid fsecurity security definition format, each line of
which includes a full path to an object in the file system
and the desired security for that object (and possibly
child objects). Each line represents a task, while the
entire contents of the file represent a single job. The
tasks within a job are guaranteed to run sequentially.
Jobs themselves run asynchronously and will not tie up the
filer console while they run.
This job is given an ID which can be used with the fsecurity
status and fsecurity cancel commands to retrieve the
status or cancel the job, respectively. Once the job is
complete, the result will be reported to the console.
NOTE: Security jobs may run simultaneously. It is possible
to generate two security jobs that conflict with each
other by defining common paths or subpaths within the
tasks and running both jobs simultaneously. This behavior
is no different from an external client changing security
settings while a job is running, but this should be taken
into account when generating these files and determining
when and how they are applied.
-c = Check job validity without actually applying the contents
-
-i = Ignore errors and continue job processing
-
-
-v = Display each task within the job as it is generated
-
toaster> fsecurity apply /security.conf
Added security job 1001.
fsecurity: Job 1001 (/security.conf) completed successfully.
toaster> fsecurity apply /security.conf -c
Definition validated successfully.
toaster> fsecurity apply /security.conf -v
Task 1, NTFS, Normal, Propagate, /vol/vol0/secure ... Added.
Added security job 1001.
fsecurity: Job 1001 (/security.conf) completed successfully.
Table of Contents