Adam Megacz wrote: > UNIX only does permission checks on open(), whereas AFS does > permission checks on fsync() and close(). In other words, if you open > a file, drop your tokens, and then try to write to it the next fsync() > or the close() will fail. (BTW, there are very good reasons for this > behavior, involving the possibility of writing your own "renegade" > implementation of the AFS client). >
In /etc/init.d/apache2 on deleuze now, we have a kstart running to keep the main Apache processes supplied with the right AFS credentials. Are you saying that waklog doesn't spawn separate processes to handle user CGI execution? If it does, I don't see which Apache processes are ever changing to different users. _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
