Coda File System

Re: more on protections

From: Peter J. Braam <braam_at_cs.cmu.edu>
Date: Thu, 17 Sep 1998 14:27:16 -0400 (EDT)
On Thu, 17 Sep 1998, David Steere wrote:

> Sorry to keep beating the same dead horse...
> 
> So I convinced myself to never touch the auth2 databases again. So adding
> users is a snap: au nu. 

OK.

> 
> Now comes the question of groups. 
>    - How do I add a new group?

Add it to groups.coda, with the names of members


>    - How do I add a member to a group?

Same: add it to groups.coda

Now run pwd2pdb with some arguments (man will tell you) and you'll get a
new .pdb file.  Make an index file with pcfgen.  Then you are ready to go.

>    -  Is there more than syntax to the naming convention of System:blah?

Hm, I don't think so, but group numbers are negative, that's a must. 


>    - Why are the group IDs negative?

To say they are groups.

>    -  How much of this is going to change when we get kerberos?

We _have_ kerberos.  Not much will change.  Much will change when we have
protection database server. 

>    - Would it be easier if we added commands to cfs to add new members and
> groups, rather than

That's a long shot. It's better to keep this separate.   Cfs is a pioctl
tool only, I don't want to add another feature to it.

A user database server is being worked but I want to LDAPize this stuff.
AFS has pts this is similar to what we need.

>      having a separate tool? I'd be willing to write it but I can't
> guarantee it'd happen fast. (If I did it,
>      I'd have cfs connect to the auth2 server directly ala au, not going
> through venus as it does for the other commands).

There is a student working on this and he is making good progress, so just
hold off a little.

- Peter -
> 
> david.
> 
> 
> 
Received on 1998-09-17 14:29:04