To determine the access control permissions, SnapDrive for UNIX checks for a permissions file in the root volume of the storage system.
The following are the rules defined for determining the access control permissions in SnapDrive for UNIX.
Check if the sdhost-name.prbac file exists, if it does not exist, then use the sdgeneric.prbac to check the access permissions.
Setting up access control from a given host to a given vFiler unit is a manual operation. The access from a given host is controlled by a file residing in the root volume of the affected vFiler unit. The file contains the name as /vol/<vfiler root volume>/sdprbac/sdhost-name.prbac, where host-name is the name of the affected host, as returned by gethostname(3). You should ensure that this file is readable, but not writable, from the host that can access it.
If the file is empty, unreadable, or has an invalid format, SnapDrive for UNIX does not grant the host access permission to any of the operations.
If the file is missing, SnapDrive for UNIX checks the configuration variable all-access-if-rbac-unspecified in the snapdrive.conf file. If the variable is set to on (the default), it allows the hosts complete access to all these operations on that storage system. If the variables set to off, SnapDrive for UNIX denies the host permission to perform any operations governed by access control on that storage system.