Odd ACL question

Harti Brandt brandt at fokus.fraunhofer.de
Mon Feb 9 09:03:46 PST 2004


On Mon, 9 Feb 2004, Dan Nelson wrote:

DN>In the last episode (Feb 09), Harti Brandt said:
DN>> On Sun, 8 Feb 2004, Tim Kientzle wrote:
DN>> TK>On Sat, 7 Feb 2004, Tim Kientzle wrote:
DN>> TK>>Joerg Schilling's "star" archives ACLs as follows:
DN>> TK>>
DN>> TK>>"user::rwx,group::r--,group:mail:rw-:6,mask::rw-,other::r--"
DN>> TK>>
DN>> TK>>Note the "group:mail:rw-:6" entry that contains a fourth
DN>> TK>>field with the uid/gid number. ...
DN>> TK>
DN>> TK>   * If the username exists and the UID conflicts with the local
DN>> TK>       system, ???
DN>> TK>
DN>> TK>This last case is the tough one.  My temptation:  map it to
DN>> TK>an unused UID, issue a warning about the remap, and keep going.
DN>>
DN>> That may cause the problem I described. This may leave a file in a
DN>> user directory that the user cannot delete without intervention of
DN>> the root user, but it's probably the simplest solution. What about
DN>> non-existing groups?
DN>
DN>Any file that a user creates, that user can delete.  If you're talking
DN>about a root user extracting something into a user's directory, that's
DN>different, but you have the same problem even without ACLs.

Yes, the question was what to do with a file whose UID does not exist on
the system. And, yes, this is about the root user. If you restore a file
server for a couple of hundred or thousands of users you probably don't
want to fix undeletable (by the users) files by hand.

harti
-- 
harti brandt,
http://www.fokus.fraunhofer.de/research/cc/cats/employees/hartmut.brandt/private
brandt at fokus.fraunhofer.de, harti at freebsd.org

