On Tue, 2 Mar 2010, David Dyer-Bennet wrote:

> Hmmm; the "lack of flexibility" you talk about comes from not using the
> security model sensibly -- having per-person groups is very useful in
> that security model.

I have 70 odd thousand users. Why would I want to also have 70 thousand groups with only one user in each one? From an authorization perspective, the user and group are identical. The absolute only reason to implement such a duplicative environment is so you can have one umask, but still be able to control whether or not someone other than the user gets permissions on new files. In a world with inheritable ACLs, you don't need to do that.

> You see it as a "legacy security model"; but for me it's the primary
> security model, with ACLs as an add-on. It's the only one that's
> supported across the various ways of sharing the disks. In the end,
> Solaris is one player in the POSIX world, and cutting yourself off from
> that would be very limiting.

If the design requirements of your filesystem require backward interoperability, then yes. On the other hand, if they don't, and you would be better served with a pure-ACL deployment, why hold yourself down with the chains of a security model you don't need?

> It's precisely to avoid having shell access being a poor stepchild that
> I'm resisting ACLs. As currently implemented, they relegate my primary
> access to the system to second-class status.

How so? Do you mean operating in a shell on a system with no ACL support?

> And NFSv4 is mostly a rumor in my universe; NFSv2 and v3 are what people
> actually use.

Really? We've deployed NFSv4 here, and other than this ACL/chmod issue it's working great. I think I'd rather design my future technology based on the needs and possibilities of the future, not on the past. From that perspective, why should Sun bother to work on NFSv4 at all if nobody uses it?

Again, I'm not advocating removing any current functionality or depriving you of anything you currently have. I'm simply requesting an additional feature set that would be very useful for some deployments.

I'm not really sure why people keep arguing about why it would not be good for their deployment, and considering such a reason it should not be implemented -- that seems a bit self-centered.

--
Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/
Operating Systems and Network Analyst | hen...@csupomona.edu
California State Polytechnic University | Pomona CA 91768

_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
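The message above contrasts two ways of controlling who gets access to a newly created file: a single umask paired with one private group per user, versus inheritable NFSv4-style ACEs on the parent directory. The following Python model, added here as an illustration and not code from the thread or from ZFS, makes that contrast concrete. The POSIX side computes a new file's mode from the requested mode and umask; the ACL side applies the inheritance rules of RFC 3530 section 5.11.3 (FILE_INHERIT, DIRECTORY_INHERIT, INHERIT_ONLY, NO_PROPAGATE_INHERIT) to a parent directory's ACL. The flag values, principal names (`research`, `henson`, `alice`) and the sample directory ACL are constructed for the example; a ZFS implementation also has to merge the result with mode bits, which this model deliberately leaves out.

```python
from dataclasses import dataclass, replace

# NFSv4 ACE inheritance flags (RFC 3530 section 5.11.3). The numeric values
# are constructed for this model and are not the on-the-wire bit positions.
FILE_INHERIT = 0x1
DIR_INHERIT = 0x2
NO_PROPAGATE = 0x4
INHERIT_ONLY = 0x8


@dataclass(frozen=True)
class ACE:
    who: str        # "owner@", "group@", "everyone@" or a named principal
    kind: str       # "allow" or "deny"
    perms: str      # permission letters, e.g. "rwx"
    flags: int = 0  # inheritance flags from the constants above


def posix_create_mode(requested: int, umask: int) -> int:
    """Mode bits of a newly created file: the requested mode minus the umask bits."""
    return requested & ~umask & 0o7777


def posix_group_write_exposure(mode: int, owner: str, group_members: set) -> set:
    """Members other than the owner who gain write access through the group bits.

    With a user-private group this is always empty, which is the only thing
    that makes a relaxed site-wide umask such as 002 tolerable when the
    filesystem has no inheritable ACLs."""
    if mode & 0o020:
        return set(group_members) - {owner}
    return set()


def inherit_aces(parent_acl: list, new_is_dir: bool) -> list:
    """ACL a new object receives from its parent directory's inheritable ACEs.

    Files: every FILE_INHERIT ACE is copied with inheritance flags cleared.
    Directories: DIR_INHERIT ACEs are copied keeping their inheritance flags
    (cleared when NO_PROPAGATE is set); FILE_INHERIT-only ACEs are carried as
    INHERIT_ONLY so they still reach files created further down the tree.
    ACEs without inheritance flags are not copied, and the umask plays no part."""
    child = []
    for ace in parent_acl:
        if not new_is_dir:
            if ace.flags & FILE_INHERIT:
                child.append(replace(ace, flags=0))
        elif ace.flags & DIR_INHERIT:
            flags = 0 if ace.flags & NO_PROPAGATE else ace.flags
            child.append(replace(ace, flags=flags))
        elif ace.flags & FILE_INHERIT and not ace.flags & NO_PROPAGATE:
            child.append(replace(ace, flags=ace.flags | INHERIT_ONLY))
    return child


def effective_aces(acl: list) -> list:
    """ACEs that govern access to the object itself; INHERIT_ONLY ones do not."""
    return [ace for ace in acl if not ace.flags & INHERIT_ONLY]


# Constructed sample: a shared project directory on an ACL-only filesystem.
PROJECT_DIR_ACL = [
    ACE("owner@", "allow", "rwx", FILE_INHERIT | DIR_INHERIT),
    ACE("research", "allow", "rwx", FILE_INHERIT | DIR_INHERIT),
    ACE("everyone@", "allow", "r", FILE_INHERIT),
]


def demo():
    """Compare what each model grants on a newly created file."""
    # POSIX: one umask decides everything; only a user-private group keeps
    # the group write bit from reaching anyone but the owner.
    mode = posix_create_mode(0o666, 0o002)
    upg_exposure = posix_group_write_exposure(mode, "henson", {"henson"})
    shared_exposure = posix_group_write_exposure(mode, "henson", {"henson", "alice"})
    # ACL: the research group gets write on the new file because the parent's
    # ACE was inheritable, independent of the creating process's umask.
    file_acl = inherit_aces(PROJECT_DIR_ACL, new_is_dir=False)
    subdir_acl = inherit_aces(PROJECT_DIR_ACL, new_is_dir=True)
    return mode, upg_exposure, shared_exposure, file_acl, subdir_acl


if __name__ == "__main__":
    for item in demo():
        print(item)
```

Running the block prints mode 0o664 with no group exposure for the private-group case, `{'alice'}` for the shared-group case, and a file ACL in which the `research` ACE survives with its inheritance flags cleared. The subdirectory ACL keeps the `everyone@` ACE only as INHERIT_ONLY, so it does not grant anything on the subdirectory itself but still reaches files created inside it.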