--On Saturday, January 23, 2010 01:15:16 PM -0600 Andrew Deason
<[email protected]> wrote:
On Fri, 22 Jan 2010 09:16:11 -0500
Jeffrey Altman <[email protected]> wrote:
On 1/22/2010 8:15 AM, Andrew Deason wrote:
> Being the owner and having 'i' permissions is supposed to give you
> implicit 'r' and 'w', isn't it? I believe the fileserver lets you do
> that, and the existing client code certainly tried to allow that.
The fileserver grants the owner of the file implicit read and write
privileges because it has no ability to determine when a file was
created vs. when it was opened. That information is only available
to the cache managers. It is the responsibility of the cache manager
to enforce insert only semantics on the file. That means that cache
manager must track when a file was created separately from when it
was opened and only permit the read and write permissions on the file
to be used in the create case. Any other behavior is not consistent
with the 'insert' only privilege.
Why does the fileserver grant implicit read? A dropbox appears to work
at least for a couple of trivial cases when I disable it.
Because conceptually (and with the help of CM's enforcing this), 'i' means
that you can create a new file and read and write it as much as you want
until you close it. It does not mean that the newly-created file is
write-only. For that to work, the fileserver must allow the CM to fetch
chunks that have been pushed out of its cache.
-- Jeff
_______________________________________________
OpenAFS-devel mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-devel
