On Sun, Dec 08, 2002 at 04:50:36PM +0100, Christoph Resch wrote:
> i am looking for a document discussing the usage of uniting Posix with 
> CODA - ACLs if possible via pam_LDAP .. does anyone already have 
> experience with this . 

Last time I looked, there was no possible way to map between POSIX and
Coda ACL's. POSIX ACL's use local user/group-id's and thus are only
useful in the context of a local machine, or centrally administered LAN.

Coda uses user/group names that don't necessarily have a user/group
equivalent on the local machine, this is because it essentially supports
multiple administrative 'realms', or 'cells' where the same userid (or
name) exists in multiple domains and has to be interpreted within the
context of that domain.

i.e. If I set an acl for 'jaharkes' on my volume, I'm not allowing
access to just anyone who has 7768 as their user-id, but only to people
who authenticate as jaharkes within the 'coda.cs.cmu.edu' realm.
Similarily I could set an ACL for 'christoph' even though there is no
such user in my /etc/passwd, so it doesn't even have a local uid
equivalent.

Posix ACL's can't capture this.

> and another question .. later Coda-versions had problems with 
> journaling Filesystems .. is this still a topic in latest coda ?? 

Yeah, RH decided to include the ext3 patch in their kernels, and enable
it by default, before it got into the official tree. As a result Coda
was never tested with ext3 and it took a kernel release or 2 to sync up.
ReiserFS worked pretty much from the day it was added to the main tree.

The fixes went in somewhere around 2.4.10, but I would recommend to use
2.4.20. VM and such were pretty bad in the early 'teens', while some
more Coda bugs got fixed as late as 2.4.19.

Jan