-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Darren New wrote:
> Paul G. Allen wrote:
>> Maybe in the past, but certainly not today. There's a long list of file
>> systems for Linux as well as ACL support....
>
> Er, as far as I know, for example, Linux still only has an owner integer
> and a group integer on a file. This means that if you have a file on
> removable media (like a USB drive), and you plug it into a different
> machine, you may suddenly find it has different owners. If there's a way
> to have (say) a small home network where this sort of thing works, where
> I can move my backup disk from machine to machine, other than simply
> making sure all the user names map to the same ID numbers on all the
> machines, I'd like to hear how to work it.

Kerberos and LDAP based systems manage the UID number in a distributed
way. Linux support for ACLs, while not nearly as nicely integrated as
NT's, does provide most of the magic.

> It also lacks multiple streams on a file, although I believe there's a
> limited name/value capability, as long as you don't want support from
> the rest of the OS (like, say, the copy command, I/O redirection, etc.)

Well, there are lots of things you can do on Windows that mess up
multiple streams on a file, not to mention multiple streams on a file
messing up things on Windows (IIS comes to mind immediately). In
general, multiple streams on a file has proven to be a fairly
questionable feature.

> I also don't know anything that lets me (for example) query for the list
> of files that were deleted or had their permissions changed since the
> last time I ran this program without scanning the entire disk drive.

Yes, if you have it set up for auditing, it can and will do this, just
like NT. Not surprising since this is a requirement for C2 security
ratings.

> There's no way to tell if a file was renamed, or if the file was simply
> deleted and replaced with another file that takes the same i-node.
> Indeed, as far as I can see, the interface for detecting files changing
> when you *are* running is barely usable for showing explorer-style
> windows updating in a GUI.

man inotify

> And, as far as I could tell, there's no convenient way to (for example)
> copy files over the network while retaining the ACLs, or back up and
> restore files while retaining stuff like the bits that say "Mary is
> allowed to append to the file, Joe and Sue are allowed to read but not
> write, Frank is allowed to write but not read, and Fred is allowed to
> back it up but not allowed to read it."

AFS, NFS/NIS, DFS, GFS, OCFS, etc.

man star (for information on backup)

> AFAIK, Linux also doesn't have something like BITS standard.
> I don't know how you configure Linux to download something slowly and
> only when the network stack isn't handling other traffic, and how to
> have it do that only when you're connected, and have it launch your
> program on the result when it's finished downloading. Sure, you can
> write it, but it isn't ubiquitous as something like cron is, and that
> makes a big practical difference.

BITS isn't exactly the be-all to end-all either. It's caused me
headaches on more than a few occasions. Anyway, if you are looking for
something as ubiquitous as cron that provides you with most of what you
want, that'd be cURL. For the record, BITS support for throttling
downloads is pretty lame to begin with. In general, throttling uploads
is very doable, but throttling downloads is pretty haphazard unless you
can speak with your upstream router.

> I'm not sure how you configure something in Linux so that it doesn't
> slow down other processes with disk access. I.e., I don't know the
> equivalent of "nice" for disk access. Can you tell me which FM to R?

man ionice

> Linux also seems to lack an EFS that can encrypt individual files in a
> directory, or have different files in a directory encrypted by different
> people.

Ugh, if you'd looked at how this actually ends up working from a
security perspective, you wouldn't have mentioned it. ;-) Anyway, TCFS
gives you access to the useful bits of EFS.

> It also lacks the ability to clean up temp files when your program
> crashes or when you log out.

openat() unlinkat() done.

>>> The features of the file system and permission system are actually
>>> well-integrated into the tools.
>
> This is the "backup" part, see. I haven't found any program that will
> back up files with ACLs and the other magic "append only" type bits intact.

man star

Also there are things like Arkeia.

>> What is Linux lacking again? But now we digress.
>
> I think you're putting your hands over your ears.
> Just saying "Journaling file system" doesn't do what I described. If it
> did, there wouldn't be any need for programs to write new versions to a
> .tmp file and then rename them over top of the old version, just to keep
> from corrupting the file if they crashed in the middle.

Interestingly, Windows programs still do the same thing. This is part of
what undermines EFS's functionality.

- --Chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGbjRyOagjPOywMBARAhqjAJ45mvkPALdfTk4PTXAvQ43YES3sFwCeJQpB
it8Pug17S4T9/m2seUs+LAE=
=95yT
-----END PGP SIGNATURE-----

--
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-lpsg
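
The "openat() unlinkat() done." reply above, spelled out as an added example (not part of the original message): create the temp file, remove its name immediately, and keep working through the descriptor, so nothing is left behind if the program crashes. The "scratch.<pid>" name, the /tmp directory and the helper names are assumptions made for this sketch.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create a scratch file in dir_path and drop its name straight away.
 * Returns a read/write fd or -1. The kernel frees the blocks when the last
 * fd closes, crash included. The "scratch.<pid>" name is an assumption. */
int open_scratch(const char *dir_path, char *name, size_t name_len)
{
    int dirfd = open(dir_path, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (dirfd < 0)
        return -1;
    snprintf(name, name_len, "scratch.%ld", (long)getpid());
    /* O_EXCL fails if the name already exists (a symlink included);
     * mode 0600 keeps other users out during the short named window. */
    int fd = openat(dirfd, name, O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC, 0600);
    if (fd >= 0 && unlinkat(dirfd, name, 0) != 0) {
        close(fd);
        fd = -1;
    }
    close(dirfd);
    return fd;
}

/* Returns 1 when data written through the fd reads back while the
 * name no longer resolves in the directory, 0 otherwise. */
int scratch_survives_unlink(const char *dir_path)
{
    char name[64], path[512], buf[16] = {0};
    static const char msg[] = "temp data";   /* constructed sample payload */
    struct stat st;
    int fd = open_scratch(dir_path, name, sizeof name);
    if (fd < 0)
        return 0;
    snprintf(path, sizeof path, "%s/%s", dir_path, name);
    int ok = write(fd, msg, sizeof msg) == (ssize_t)sizeof msg
          && pread(fd, buf, sizeof buf, 0) == (ssize_t)sizeof msg
          && strcmp(buf, msg) == 0
          && stat(path, &st) == -1 && errno == ENOENT;
    close(fd);
    return ok;
}

int main(void) { return scratch_survives_unlink("/tmp") ? 0 : 1; }
```

On Linux 3.11 and later, opening the directory with O_TMPFILE creates the file with no name at all, which removes the short window between openat() and unlinkat().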
