(Illustration by Gaich Muramatsu)
On Mon, Oct 08, 2001 at 07:09:47PM +0200, Matthias Teege wrote: > I'm using coda on my FreeBSD network and want to put the sources > (/usr/src) and the ports (/usr/ports) on the coda filesystem. In the > original installation both directories are owned by root and group wheel. > > What is the best permissions an user strategie for coda? I wan't > (and can't) create an coda user "root" with uid 0. Should I create > an "offiziell" admin with another uid that ownes the sources or > can I change the permissions on the client side? > > The main problem is that root must have read an write permissions on > /usr/src and /usr/ports particulary if root install new programms. Coda couldn't care less who is the user that owns the file, and the UNIX permission bits only influense it mildly. Unix groups are not even supported (i.e. group will always be 65534). We actually deal with access permissions by checking the authentication token that the user passed to venus with the ACL on the directories. So you could have some Coda group (let's say System:Software), which contains any users that are allowed to modify/add/delete/create files in /usr/src and /usr/ports. Anybody else can still be allowed read and lookup access, cfs sa /coda/usr/ports System:Software rlidwka cfs sa /coda/usr/ports System:AnyUser rl ACL's are inherited when a new directory is created, so if the hierarchy is already there use 'find' to fix up the acls in the tree find /coda/usr/ports -type d -exec cfs sa {} System:Software all \; (GNU find needs an additional '-noleaf' to avoid some optimizations that don't work well on Coda which cause find to sometimes forget to traverse directories). JanReceived on 2001-10-08 16:50:37