This command modifies a view.
view modify --id VIEW_ID [--path PATH] [--protocols PROTOCOLS] [--alias ALIAS] [--share SHARE] [--policy-id ID] [--cluster-id ID] [--create-dir] [--s3-versioning] [--s3-locks] [--s3-locks-retention-period S3_LOCKS_RETENTION_PERIOD] [--s3-locks-retention-mode NONE|GOVERNANCE|COMPLIANCE] [--bucket BUCKET] [--bucket-owner BUCKET_OWNER] [--bucket-creators BUCKET_CREATORS] [--allow-anonymous-access] [--block-anonymous-access] [--nfs-interop Disabled|NFSv3|NFSv4.1|NFSv3_NFSv4.1] [--enable-share-acl]|[--disable-share-acl] [--clear-share-acl] [--share-ace-grantee users|groups] [--share-ace-permissions FULL|READ|CHANGE] [{--share-ace-sid-str SID_STR}|{--share-ace-uid-or-gid UID_OR_GID}] [--remove-share-ace-name NAME --remove-share-ace-fqdn FQDN]
To enable or disable share-level ACL on the view:
view modify --id VIEW_ID --enable-share-acl|--disable-share-acl
To add an ACE to the view's share-level ACL:
view modify --id VIEW_ID --share-ace-grantee users|groups {--share-ace-sid-str SID_STR}|{--share-ace-uid-or-gid UID_OR_GID} --share-ace-permissions FULL|READ|CHANGE
To clear all ACEs from the view's share-level ACL:
view modify --id VIEW_ID --clear-share-acl
To remove an ACE:
view modify --id VIEW_ID --remove-share-ace-name NAME --remove-share-ace-fqdn FQDN
Modifies the Element Store path to be exposed to clients. It can be a directory that was already created by a client inside an exposed parent directory, or it can be a new directory, in which case you must specify the --create_dir option to create the directory. Example: --path /a/b/c |
|
|
Specifies which protocol(s) the view will be exposed to. Specify PROTOCOLS as a string value for a single protocol or a comma separated list of strings to enable multiple protocols. Valid string values are:
Examples:
|
|
For NFSv3 exports, specifies an alternative shorter name for the path that can be used alternatively when mounting. Optional and relevant only if the view is exposed to NFS. An alias must begin with a forward slash ("/") and must consist of only ASCII characters. |
|
Specifies the SMB share name. Required if the view is exposed to SMB. The name cannot include the following characters: /\:|<>*?" |
|
Specifies which view policy to apply. If unspecified, the default policy (ID 1) is used. |
|
Creates a directory at the specified path. Include this option of the directory does not already exist. |
|
Enables object versioning on the bucket if |
Enables S3 object locking on the view bucket, if |
|
Sets a default retention period for objects in the bucket, if S3 object locking is enabled. If set, object versions that are placed in the bucket are automatically protected with a retention lock with the specified retention period, unless Specify S3_LOCKS_RETENTION_PERIOD as an integer followed by a symbol. For example: 1y for one year. |
|
Sets a default retention mode for objects in the bucket.
|
|
|
Specifies the name of an S3 bucket. Required if |
|
Specifies a user to be the bucket owner. Required if |
|
Relevant if Specify |
|
If the view has S3 Bucket or S3 Endpoint enabled, include this option to allow anonymous S3 access to the view's S3 bucket. If allowed, anonymous requests are granted provided that the object ACL grants access to the All Users group (in S3 Native security flavor) or the permission mode bits on the requested file and directory path grant access permission to "others" (in NFS security flavor). |
|
Blocks anonymous S3 access to the view's S3 bucket, if applicable. This is the default setting. |
|
This parameter enables or disables server enforcement of SMB mandatory locking features on NFS clients, in order to support simultaneous access to files from NFS and SMB. This feature prevents potential data corruption and introduces some performance impact. To read more about this feature, see NFS Interoperability. |
|
Enables share-level ACL on the view. This setting enables share-level ACL on the view, which means that SMB requests to access the view will fail unless permission is granted to the requesting user by an ACE. |
|
Disables a share-level ACL on a view. Share-level ACL is disabled by default. |
|
Removes all ACEs from a share-level ACL if enabled on the view, without disabling share-level ACL. |
|
Specifies a grantee type when running the command to configure an Access Control Entry (ACE) in a share-level ACL. See also Share-Level ACL Usage . Possible values:
|
|
Specifies the type of permission to grant to a specified grantee when running the command to configure an Access Control Entry (ACE) in a share-level ACL. See also Share-Level ACL Usage . |
|
Specifies a grantee by SID identifier when running the command to configure an Access Control Entry (ACE) in a share-level ACL. See also Share-Level ACL Usage . Specify To obtain an identifier for a SID, run a query by prefix against the Active Directory domain, using one of the following commands:.
|
|
Specifies a grantee by UID/GID identifier when running the command to configure an Access Control Entry (ACE) in a share-level ACL. See also Share-Level ACL Usage . Specify To obtain an identifier for a UID or GID, run a query by prefix against the Active Directory domain, using one of the following commands:.
|
|
Specifies the grantee name when running the command to remove an ACE from a share-level ACL. See also Share-Level ACL Usage . |
|
Specifies the domain when running the command to remove an ACE for a given from a share-level ACL. See also Share-Level ACL Usage . |
This example changes the view policy used by the view that exposes the /dev path of the element store.
vcli: admin> view modify --id 2 --path /dev --policy-id 2
This example removes an ACE from a share-level ACL:
vcli: admin> view modify --id 101 --remove-share-ace-name joej --remove-share-ace-fqdn ad.arandomorg.com
Comments
0 comments
Article is closed for comments.