On 3/22/07, Mark Shellenbaum <[EMAIL PROTECTED]> wrote:
> Wow, that's a big show stopper! If I tell the users, that after the > transition they have to toggle their umask before/after writing to > certain directories or need to do a chmod, I'm sure they wanna hang me > right on the next tree and wanna get their OS changed to Linux/Windooze... > Only if your goal is to ignore a users intent on what permissions their files should be created with. Think about users who set their umask to 077. They will be upset when their files are created with a more permissive mode. The ZFS way is much more secure.
One of the reasons for doing this is explicitly to override the user's umask. Both up and down. Which allows users to have a strict umask while still allowing shared workspaces to function correctly. Or for them to have a generous umask while ensuring secure areas stay secure. In other words, the aim is to override any mistakes that users might make by enforcing policy using ACLs.
What is your real desired goal? Are you just wanting anybody in a specific group to be able to read,write all files in a certain directory tree? If so, then there are other ways to achieve this, with file and directory inheritance.
Please explain how. I've been trying to make this work for months with no success. The business requirement is that all files in a directory hierarchy be created mode 660 - read and write by owner and primary group. How do I do this? -- -Peter Tribble http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/ _______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
