On Wed, Jun 3, 2009 at 10:27 AM, Marc Dionne <[email protected]> wrote: > On Tue, Jun 2, 2009 at 10:55 PM, Derrick Brashear <[email protected]> wrote: >> >>> Were any useful documents or code produced with last year's GSOC per-file >>> ACL project? I looked around the web site but didn't see much other than a >>> comment that some server-side work was "substantially completed" - which >>> sounds like at least some amount of code came out of it. >> >> For per-file ACLs? I wonder where you found that; Nothing of consequence was >> completed, alas. > > Found that comment here: http://www.openafs.org/pages/gsoc/2008final.html > >> Have you looked at the CForeign (DFS translator) code in the client? >> >> Derrick > > I had a quick look now, but it's not clear exactly what the > assumptions of this option are. In particular, should CForeign work > correctly with an AFS server at the other end or does it make DFS > assumptions that won't work with AFS? Any downside?
There are existing AFS-protocol servers which make use of it, notably, Jeff Hutzelman's hostafs uses it. > It does look like it could be a way (maybe the only way) to make old > clients behave sanely. The issue I've seen so far with an unmodified > client is that some parts of the code (through AcessOK) think a file > is accessible, but attempts to actually access it (FetchData, etc.) > fail at the server. This has the interesting effect that a file can > be read if it was cached by another user, but can't (permission > denied) if it has to be fetched from the server. I wonder if CForeign will behave better. > To make newer clients work I've only changed a few lines so far in > AccessOK - I don't see too many other assumptions in the client code > about permissions being at the directory level. Of course testing > might reveal more. Indeed. -- Derrick _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
