begin quoting James G. Sack (jim) as of Sat, Oct 21, 2006 at 11:06:24PM -0700:
> Andrew Lentvorski wrote:
[snip]
> > "student-n" cannot be part of group "instructors" or "student-0" can
> > look at the files of "student-1".
> >
> > It's a slightly subtle issue that doesn't pop out immediately.
> >
> > The issue is that the source control has to block both writes *and*
> > reads between students. This is unusual.
>
> What about using the redhat scheme where every user (student) has his
> own group. Then you just have to add the instructor to each of his
> students' group when that student's repository is created.
Requires administrator setup.
Plus:
% wc -l /etc/passwd
33642 /etc/passwd
% wc -l /etc/group
2939 /etc/group
%
The problem arises especially if you start allowing team development;
assignment #1 may have Alice and Bob team up, and assignment #2, Alice
and Carol may team up.
So it's a group for every student, and if team assignments are allowed,
for every team as well. And you can't delegate group management, so
far as I know, to anyone but root. That's what ACLs are for.
I really thought the ACLs would have worked, even if one had to reset
the ACLs in a script on every commit or a cronjob. You'd have some
setup magic for each module, but that's scriptable as well.
--
_ |\_
\|
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
