| gabriel rosenkoetter on Mon, 3 Feb 2003 14:37:10 -0500 |
|
On Mon, Feb 03, 2003 at 08:50:11AM -0500, sean finney wrote: > system that needs quotas. of course what would be _really_ > nice is if linux NFS supported it as well, so it could be used in a > network environment as, say, a drop-in replacement for a solaris server > (or for the solaris clients) in a certain un-named cs dept. I think I said it when you were having your ACL troubles there: use AFS. (Not something you want to switch over to in the middle of a semester, though.) > also, afaik netBSD et al. also don't have any native file systems with > acls either, though, correct? i sent an email to current-users > this summer asking about that, and the general response was that > they hadn't gotten around to it yet either. FreeBSD 5.0 has them, and it's on the list for NetBSD 1.7 (or maybe 1.8; the big addition for 1.7 will be SMP for all ports where multiple processors are possible). I can't speak to the FreeBSD code, but my understanding is that it's clean, standards-compliant, and works with AFS. Across NFS, I don't know. There are those within the NetBSD camp who seem to feel that the old, BSD-style user and group permissions should be sufficient. That led to a series of flamefests on current-users and tech-kern, but the anti-ACL people were finally quieted by assurances of backwards- compatibility and allowing them to avoid "bloating" their file systems with the extra metadata if they so desired. Adding ACLs to existing file systems either won't work or will only work through the bad way to implement ACLs (keep them in a file at the root of the mount, like quotas are under some file systems). The big win for ACLs is that there are very real situations where NetBSD is used in production and someone has reached the groups-per-user limit. Bumping the limit is clearly not a real fix, since there can't not be a limit without a huge rototill of authentication internals. (And even with that rototill, you'd leave yourself a loaded gun aimed at your foot in the way of a DoS.) Based on that, we should expect them to be showing up in OpenBSD, oh, about 2013. ;^> -- gabriel rosenkoetter gr@eclipsed.net Attachment:
pgpXtGKaDDDYM.pgp
|
|