On Feb 12, 2009, at 8:52 PM, Da Rock wrote:
With reasonable organization, and appropriate use of sudo or setgid
binaries for things like people who use SVN or CVS, there generally
isn't reason or need for a user to be in so many groups. For the
exceptional cases, switching to using a full ACL system rather than
the traditional Unix permission model is probably going to be a
better
solution.
Interesting. What would you suggest for full ACL?
Well, it depends on what you're doing in terms of user requirements
and systems (ie, are the FreeBSD boxes fileservers, clients, or
both?), but the stuff which comes with FreeBSD is documented in
acl(3), getfacl, setfacl, etc. Other choices might involve something
like the Andrew File System / Transarc DFS stuff, or Windows Active
Directory and Samba/CIFS on the FreeBSD boxes....
Regards,
--
-Chuck
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
