On Friday, July 21, 2006 02:01:46 PM -0700 Russ Allbery <[EMAIL PROTECTED]>
wrote:
Jeffrey Hutzelman <[EMAIL PROTECTED]> writes:
Discussion revealed that ideally, we'd like for the bit to be able to be
set distinctly for every directory, by the same users who can set the
ACL for that directory. However, this is difficult to do, requiring
changes to both the protocol and the format of the large vnode index.
It also has the issue that it's an awful lot of bits to set for sites
where ACL's have traditionally been sane.
This is perhaps a dumb idea, precisely because these bits already exist
and may already be used for other things, but AFS *does* have the
application ACL bits A-H. Using one of them for this purpose would break
the existing semantics, though (which say that they have no meaning to AFS
server processes). I don't have a good feeling on how many sites actually
use them for something now, only that I've never seen them mentioned in
the context of actually being used in any of the public mailing list
traffic about AFS I've read.
I've seen more than one reference to sites using these for things. I think
it's best to consider them reserved for local use, and figure out how to
extend ACL's when we need to.
FWIW, I don't think using an ACL bit for this particular purpose is ideal
anyway, because the flag we need is a property of the entire directory ACL,
rather than each individual ACE.
-- Jeff
_______________________________________________
AFS3-standardization mailing list
[email protected]
http://michigan-openafs-lists.central.org/mailman/listinfo/afs3-standardization
