On Tue, Jun 2, 2009 at 10:55 PM, Derrick Brashear <[email protected]> wrote: > >> Were any useful documents or code produced with last year's GSOC per-file >> ACL project? I looked around the web site but didn't see much other than a >> comment that some server-side work was "substantially completed" - which >> sounds like at least some amount of code came out of it. > > For per-file ACLs? I wonder where you found that; Nothing of consequence was > completed, alas.
Found that comment here: http://www.openafs.org/pages/gsoc/2008final.html > Have you looked at the CForeign (DFS translator) code in the client? > > Derrick I had a quick look now, but it's not clear exactly what the assumptions of this option are. In particular, should CForeign work correctly with an AFS server at the other end or does it make DFS assumptions that won't work with AFS? Any downside? It does look like it could be a way (maybe the only way) to make old clients behave sanely. The issue I've seen so far with an unmodified client is that some parts of the code (through AcessOK) think a file is accessible, but attempts to actually access it (FetchData, etc.) fail at the server. This has the interesting effect that a file can be read if it was cached by another user, but can't (permission denied) if it has to be fetched from the server. To make newer clients work I've only changed a few lines so far in AccessOK - I don't see too many other assumptions in the client code about permissions being at the directory level. Of course testing might reveal more. Marc _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
