On Sat, Jun 9, 2018 at 12:34 PM Grant Taylor <gtay...@gentoo.tnetconsulting.net> wrote: > > NFS will quite happily work with dissimilar IDs if you're using "other" > permission to access everything. }:-) >
There are a few network filesystems with this property. As long as you just mount the whole filesystem with one user/group and umode and don't care that the remote server(s) will just discard any permissions changes you try to apply, they work fine without mapping UIDs. If you're using something like FUSE in a private mount namespace this can be done in a way that is reasonably secure as well (only the user logged into the remote server(s) can see the mountpoint). I feel like this is something that Windows natively gets "better" than POSIX. They have a concept of UIDs being specific to a machine or authentication server (or domain as they call it), and this concept is enforced at the host level. That said, I'm sure this approach has its downsides as well, in particular it is certainly more complex and at work we practically forbid any kind of windows ACLs at anything other than the top mount level because it is so hard to control. -- Rich
