Joerg Sommer wrote:

Are you sure? http://www.coda.cs.cmu.edu/doc/html/manual/x237.html says:

"In addition to the Coda access lists, the three owner bits of the file
mode are used to indicate readability, writability, and executability.
You should use chmod(1) to set the permissions on individual files."


Well..... Let's try again!

logrus:/coda/RootMaison$ l
total 261
drwxrwxrwx  157 root     nogroup    262144 Oct 26 20:39 data1
drwxrwxrwx    3 root     nogroup      2048 Nov  2 21:15 data2
-rw-------    1 root     root          122 Dec  2 16:59 ici-root-rk
drwxr-xr-x    3 sync     nogroup      2048 Oct 28 01:28 www

logrus:/coda/RootMaison$ id
uid=1000(lionix) gid=1000(lionix) groups=1000(lionix),29(audio)

logrus:/coda/RootMaison$ ctokens
Tokens held by the Cache Manager:
Local username: lionix

   @RootMaison
       Not Authenticated

logrus:/coda/RootMaison$ cat ici-root-rk
ahahahha you are on the root-replicated volume....
What are you doing here .????? :o)

logrus:/coda/RootMaison$ cfs la ./
     System:AnyUser  rl
System:Administrators  rlidwka

Even as root, chmod and chown work only when I get authenticated!
Logic: the root process had the ACL rights to let me change the permission bits.
The API is over the unix permissions.

Going by Stephen J Turnbull's graph, I would say that the unix process tries to access the file through a VFS downcall, and as the upcall to venus checks the Coda ACL and returns something like "user can read", that's enough for it!
I don't know where the unix permission mechanism is implemented, but I would bet it's somewhere under another type of downcall to the kernel (ext3fs?).


pam_kerberos works, but this isn't relevant. What I want to know is: does
coda grant access if a valid kerberos token is present, and does the
kerberos UID match the coda uid? Otherwise ls prints false user names.


You'll perhaps have to set up the uids in Coda to be the same as on your kerberos server.

BTW: http://www.coda.cs.cmu.edu/doc/html/manual/x197.html says a token
expires after 25 hours. Is this tunable? How to grant access for system
services like apache? If users have a webspace ~/.www/ in their home
which is accessible through http://www.foo.de/~user/, then apache needs
an unlimited token. Is this possible?


If the ACL is set to System:AnyUser readable, apache should be able to read the content of the directory.
Giving apache an account in Coda is a good idea...
For the unlimited token you can clog apache via a cron script.
I currently added a symlink in the SysVinit scripts so that apache gets clog'ed at the end of the boot process too...
Woooops I had to reboot.... :-)


Well, cache isn't the right word. I mean the disk cache. I would like to
turn them on and off at runtime like a swap partition.


Interesting...

--
Lionix
FS-Realm (newbie?) Administrator
Hundreds of hours of work, but so powerful!
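The "clog apache via a cron script" idea above, as an added example that is not Lionix's script and not code from the Coda project: a helper that reads `ctokens` output for the realm and re-runs clog only when no token is held, so a cron job does not churn a still-valid token every run. The unauthenticated `ctokens` output is the one quoted in the thread; the authenticated layout, clog's `-pipe` flag, the password-file path and the `apache` Coda username are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread or the Coda project): re-clog a service
# account only when `ctokens` shows no token for the realm.
# ASSUMPTIONS: the authenticated ctokens layout, clog's -pipe flag (password
# read from stdin), the password-file path and the "apache" Coda user.

REALM="${REALM:-RootMaison}"
CODA_USER="${CODA_USER:-apache}"
PASSFILE="${PASSFILE:-/etc/coda/apache.pass}"   # assumed location, mode 0600

# Constructed sample: exactly what ctokens printed in the thread (no token).
SAMPLE_UNAUTH='Tokens held by the Cache Manager:
Local username: lionix

   @RootMaison
       Not Authenticated'

# Constructed sample (assumed layout) for a realm where a token is held.
SAMPLE_AUTH='Tokens held by the Cache Manager:
Local username: apache

   @RootMaison
       Coda user id: 1001
       Expires: Wed Dec  3 17:00:00 2003'

# needs_clog <ctokens output>
# Prints "yes" when the realm block is missing or reads "Not Authenticated",
# "no" when something else (assumed: token details) follows the realm line.
needs_clog() {
    printf '%s\n' "$1" | awk -v realm="@$REALM" '
        $1 == realm                    { seen = 1; inblock = 1; next }
        /^[[:space:]]*@/               { inblock = 0 }
        inblock && /Not Authenticated/ { unauth = 1 }
        END { r = (!seen || unauth) ? "yes" : "no"; print r }'
}

# refresh_token: meant to run from cron as the apache user (and from the init
# script at the end of boot).  Calls clog only when the token is gone.
refresh_token() {
    tokens="$(ctokens 2>/dev/null)" || tokens=""
    if [ "$(needs_clog "$tokens")" = yes ]; then
        # ASSUMPTION: clog -pipe reads the password from stdin.
        clog -pipe "$CODA_USER@$REALM" < "$PASSFILE"
    fi
}
```

Put `refresh_token` in the apache user's crontab; keep the password file readable by that user only, since anyone who can read it can obtain the same Coda tokens and therefore the same ACL rights as apache.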