Coda File System

Re: ACL and Groups

From: Samir Patel <coda_at_allenport.com>
Date: Thu, 18 Dec 2003 12:19:59 -0500
Also, trying to remove a group from a group fails with the following
assertion:

Assertion failed: PDB_ISGROUP(groupId) && PDB_ISUSER(id), file "pdb.c",
line 82
EXITING! Bye!

But adding a group to a group works just fine though...

What tools exist right now for creating/deleting users/groups and
adding/removing users from groups other than pdbtool?  Also, from what
I've seen, there doesn't appear to be any way of adding/removing users
to groups, or even listing what groups a user belongs too, other than
the pdbtool executable (which can only be run on the server).

I was thinking of creating a library for user/group management which
would provide an interface for 3rd party "user admin" type apps.  Does
creating something like this make sense?

Samir



On Wed, 2003-12-17 at 15:24, Jan Harkes wrote:
> On Wed, Dec 17, 2003 at 12:54:19PM -0500, Samir Patel wrote:
> > I was just playing around with creating groups and noticed the following
> > behavior.  I created a bunch of users.  Users got added to either
> > Group1, Group2, Group3, or some combination of the three groups.  I
> > created a "master" group, called AllGroups, which only contained Group1,
> > Group2 and Group3.  Doing this, I assumed I would be able to set the ACL
> > on my servers root directory to something like:
> > 
> > AllGroups                rl
> > System:Administrators  rlidwka
> > 
> > However, this doesn't work... or at least it didn't for me.  When I clog
> > as a user who is in either Group1, Group2 or Group3, I can't get a
> > directory listing of my servers root directory.  If I add a user to
> > AllGroups, then that user can get a listing of the servers root
> > directory.  However, shouldn't the situation described above also work? 
> > Is this a bug, am I doing something wrong, or is this proper behavior?
> 
> Hmm, that should just work the way you expect. I haven't tried it
> recently, most of our groups are only one level deep.
> 
> Jan
> 
Received on 2003-12-18 12:25:29