On Wed, Jan 29, 2020 at 11:29:54AM +0000, Ottavio Caruso wrote: > > I wonder how this can possibly _not_ be useful. >
When you have a naming service that does not like multiple objects with the same name (yas, I am looking at you Active Directory....). To be honest I have never done AD integreation with NetBSD, only linux for $WORK but the tools are the same so I think it highly likely to work. You get bonus pain points if you are using a NFS v4 filer that is hooked to the same AD and will return EPERM for any group it doesn't know about so you if you try "chown usera:usera foobar" you get a "permission denied". Of course, these are things most people will not encounter but you did ask :) > On a multi user system, all files are created readable by the group (umask > 022). If we are all in the same group, anybody can read my newly created > files (imagine a local password file for alpine or ssl certs for irc, etc). > It's then left to the user to change umask and/or adjust permissions. Why > not just make it easier for the user? > They don't have to be - that is a local policy. For $WORK we used to default the umask to 077 so people had to make the choice to share. -- Brett Lymn -- Sent from my NetBSD device. "We are were wolves", "You mean werewolves?", "No we were wolves, now we are something else entirely", "Oh"
