Old user can't log in
John Almberg
jalmberg at identry.com
Fri Feb 13 05:21:47 PST 2009
On Feb 13, 2009, at 1:21 AM, Da Rock wrote:
> On Thu, 2009-02-12 at 21:52 -0800, Chuck Swiger wrote:
>> On Feb 12, 2009, at 8:52 PM, Da Rock wrote:
>>>> With reasonable organization, and appropriate use of sudo or setgid
>>>> binaries for things like people who use SVN or CVS, there generally
>>>> isn't reason or need for a user to be in so many groups. For the
>>>> exceptional cases, switching to using a full ACL system rather than
>>>> the traditional Unix permission model is probably going to be a
>>>> better
>>>> solution.
>>>
>>> Interesting. What would you suggest for full ACL?
>>
>> Well, it depends on what you're doing in terms of user requirements
>> and systems (ie, are the FreeBSD boxes fileservers, clients, or
>> both?), but the stuff which comes with FreeBSD is documented in
>> acl(3), getfacl, setfacl, etc. Other choices might involve something
>> like the Andrew File System / Transarc DFS stuff, or Windows Active
>> Directory and Samba/CIFS on the FreeBSD boxes....
>>
>> Regards,
>
> So you're talking in terms of the FS only? I thought you said the
> kernel
> wasn't capable? I'll have to look into this a more thoroughly, I'm
> intrigued to say the least. Not to say I'll ever probably use it,
> but it
> does present a limitation.
I only ran up against the problem because I added this user to a
bunch of other user's groups, so that she could edit those user's
files. Easily refactored into something more sensible.
-- John
More information about the freebsd-questions
mailing list