On Mon, 28 Jun 2004, Paul Jakma wrote:

> On Mon, 28 Jun 2004, Mike Waychison wrote:
>
> > This policy has to be determined on a machine-by-machine basis. I
> > think we can agree to that.
>
> Or site by site. (yeah, pam_console, eg, doesn't do directory lookups
> for config, but hey, maybe one day)
>
> > I just chose to examine the :0 policy because doing so allows us to
> > explore the implications of such an implementation.
>
> ok.
>
> > For example, after considering the 'owner' bit, I realize now that
> > autofs would:
> >
> > - still have to parse for such an option as it runs as root and would
> > likely have to setuid to the user in question (so umount(8) still works).
> >
> > - which implies that automount would need to know who triggered the
> > mount, which isn't possible without a protocol jump.
>
> Yes, it would. I didn't realise automount did not have access to
> credentials of the process which triggered the 'lookup'.

This came up recently and I've given it some thought.

A pipe is used to talk from the kernel to the automount process. So either the info must be included in the packet or the mount separated from the daemon and called using a helper.

The first option requires changing the packet size and so breaks backward compatibility. Not necessarily bad but would need to be carefully managed.

Thinking about it, the second seems quite feasible. It is similar to the method to be used by Mike.

Ian
