Coda File System

Re: questions on root volume /coda

From: Steffen Neumann <sneumann_at_TechFak.Uni-Bielefeld.DE>
Date: 12 Apr 2001 10:04:45 +0200
"O.W." <fwang2_at_yahoo.com> writes:

> Hi,
[...]
>  /coda -- projects -- proj1
>        |           -- proj2
>        |
>        -- users -- u.fwang2
>                 -- u.smith
> 
>         ...
> 
> o do I need to create volumes for intermediate directory
> (eg. projects, users) and mount them first?
Not necessarily.
I created /coda/projects and /coda/users within the root volume,
and mounted the volumes per user / per project underneath that.

> o why mounting point decision is at client's side? I must
> be missing something here: if I create a user group and
> give them permission to write under, say /coda/users
> (otherwise, they can not mount volume, right?), then it
There is probably a misunderstanding 
on how Coda creates that hierarchy.

First: your users actually need the "A" bit of the ACL,
(which stands for administration) to mount volumes.

Second: yes, mounting is done working on the clients,
but once a volume is mounted, it appears at this position 
in the tree on all the clients. 
(The actual mechanism is beyond me at the moment)

Third: to create the volumes you need root access 
(well, permission to write /vice, usually root)
on the server anyway. So you can just as well *not* give 
"A" permission to your users on /coda/users,
and do the cfs mkmount at the same time you did the createvol.
(we have the convention to create coda.homes.someone
 and mount to /coda/homes/someone)

> doesn't seem to make sense on security: each user can mount
> other's volume?
We have all the volumes mounted all the time on all the machines,
see above. As the ACLs are not changed, there is no security problem
as far as I can see.

> o when we say "mount from client machine", does it mean
> that whoever using the client machine, request his/her own
> token, and do the mounting? everything when he/she log in?
Don't really understand this one, sorry.

> I guess my confusion comes from the management of
> hierarchical volume and their interplay with ACL, I hope
> someone on the list can enlighten me on this.
It takes a while... You might as well browse some 
of the AFS (Coda's "ancestor" so to say) documentation, e.g. around 
http://www.ncsa.uiuc.edu/General/Training/AFSIntro/intro/fileprot/acls/rlidwka.html
to get some more general concepts.

So long,
Steffen
Received on 2001-04-12 04:06:27