On Thu, 2009-02-12 at 21:52 -0800, Chuck Swiger wrote: > On Feb 12, 2009, at 8:52 PM, Da Rock wrote: > >> With reasonable organization, and appropriate use of sudo or setgid > >> binaries for things like people who use SVN or CVS, there generally > >> isn't reason or need for a user to be in so many groups. For the > >> exceptional cases, switching to using a full ACL system rather than > >> the traditional Unix permission model is probably going to be a > >> better > >> solution. > > > > Interesting. What would you suggest for full ACL? > > Well, it depends on what you're doing in terms of user requirements > and systems (ie, are the FreeBSD boxes fileservers, clients, or > both?), but the stuff which comes with FreeBSD is documented in > acl(3), getfacl, setfacl, etc. Other choices might involve something > like the Andrew File System / Transarc DFS stuff, or Windows Active > Directory and Samba/CIFS on the FreeBSD boxes.... > > Regards,
So you're talking in terms of the FS only? I thought you said the kernel wasn't capable? I'll have to look into this a more thoroughly, I'm intrigued to say the least. Not to say I'll ever probably use it, but it does present a limitation. _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[email protected]"
