(Illustration by Gaich Muramatsu)
"O.W." <fwang2_at_yahoo.com> writes: > Hi, [...] > /coda -- projects -- proj1 > | -- proj2 > | > -- users -- u.fwang2 > -- u.smith > > ... > > o do I need to create volumes for intermediate directory > (eg. projects, users) and mount them first? Not neccessarily. I created /coda/projects and /code/users within the root volume, and mounted the volumes per user/ per project underneath that. > o why mounting point decision is at client's side? I must > be missing something here: if I create a user group and > give them permission to write under, say /coda/users > (otherwise, they can not mount volume, right?), then it There is probably a misunderstanding on how coda creates that hierarchy. First: your users actually need the "A" bit of the ACL, (which stands for administration) to mount volumes. Second: yes, mounting is done working on the clients, but once a volume is mounted, it appears at this position in the tree on all the clients. (The actual mechanism is beyond me at the moment) Third: to create the volumes you need root access (well, permission to write /vice, usually root) on the server anyway. So you can just as well *not* give "A" permission to your users on /coda/users, and do the cfs mkmount at the same time you did the createvol. (we have the convention to create coda.homes.someone and mount to /coda/homes/someone) > doesn't seem to make sense on security: each user can mount > other's volume? We have all the volumes mounted all the time on all the machines, see above. As the ACLs are not changed, there is no security problem as far as I can see. > o when we say "mount from client machine", does it mean > that whoever using the client machine, request his/her own > token, and do the mounting? everything when he/she log in? Don't really understand this one, sorry. > I guess my confusion comes from the management of > hierachical volume and their interplay with ACL, I hope > someone on the list can enlighten me on this. It takes a while... You might as well browse some of the AFS (codas "ancestor" so to say) documentation, e.g. around http://www.ncsa.uiuc.edu/General/Training/AFSIntro/intro/fileprot/acls/rlidwka.html to get some more general concepts. So long, SteffenReceived on 2001-04-12 04:06:27