Russ Allbery
Sun, 17 Jan 2010 18:01:07 -0800
Adam Megacz <a...@megacz.com> writes: > Andrew Deason <adea...@sinenomine.net> writes:
>> The definition of 'administrator' is deliberately vague. We haven't yet >> determined whether or not the person changing the volume policy will be >> a member of system:administrators, an SUser, or some to-be-created list >> of users. > Good point. I should have phrased my comment in terms of "any single > site-wide list" rather than "system:administrators". Please note that in order to address the use case that we (Stanford) have for this feature, limiting volume policy changes to a single cell-wide list is exactly what we need. Anything more generous will not actually address the problem unless it can be configured to be functionally equivalent to that. So while I would have no objections to something more complicated, such as something that allows a custom policy ACL to be associated with each volume, it's both not necessary for our use case and needs to be reduced to a single cell-wide list at our site to work the way that we want it to work. -- Russ Allbery (r...@stanford.edu) <http://www.eyrie.org/~eagle/> _______________________________________________ OpenAFS-devel mailing list OpenAFS-devel@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-devel