Re: dump -L and privilege

2003-01-31 Thread Kirk McKusick
From: Jun Kuriyama <[EMAIL PROTECTED]> To: Kirk McKusick <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] Subject: Re: dump -L and privilege In-Reply-To: <[EMAIL PROTECTED]> X-ASK-Info: Whitelist match Is this enough?

Re: dump -L and privilege

2003-01-31 Thread Eugene M. Kim
Moreover, the fact that the number of snapshots allowed on a filesystem is limited to a handful (src/sys/ufs/ffs/README.snapshot says 20) makes it possible for normal users to disrupt dump -L and other important operations that require snapshots. Alternative 2 seems a lot more sensible. Just my 2

Re: dump -L and privilege

2003-01-30 Thread Giorgos Keramidas
On 2003-01-30 17:16, Kirk McKusick <[EMAIL PROTECTED]> wrote: > If the snapshot is mounted, then the same filesystem permissions > are enforced as would be enforced for the mounted disk except > that the mount must be done read-only, so nothing in the snapshot > can be moved, deleted, or changed.

Re: dump -L and privilege

2003-01-30 Thread Kirk McKusick
Date: Fri, 31 Jan 2003 02:24:00 +0200 From: Giorgos Keramidas <[EMAIL PROTECTED]> To: Garrett Wollman <[EMAIL PROTECTED]> Cc: Kirk McKusick <[EMAIL PROTECTED]>, [EMAIL PROTECTED] Subject: Re: dump -L and privilege X-ASK-

Re: dump -L and privilege

2003-01-30 Thread Giorgos Keramidas
On 2003-01-30 15:52, Garrett Wollman <[EMAIL PROTECTED]> wrote: > < >said: > > The other alternative would be to > > create a setuid-to-root program that would take a snapshot and > > chown it to the user that does dumps. > > I think this would actually be a useful feature for more than just > dum

Re: dump -L and privilege

2003-01-30 Thread Jacques A. Vidrine
On Wed, Jan 29, 2003 at 06:17:31PM -0800, Kirk McKusick wrote: Alternative 1 `usermount' > The first would be > to change the default for vfs.usermount == 1 and then have dump -L > create the snapshot in a directory owned by "operator" (or by > whatever user runs the dumps). Then the snapshot coul

Re: dump -L and privilege

2003-01-30 Thread Garrett Wollman
< said: > The other alternative would be to > create a setuid-to-root program that would take a snapshot and > chown it to the user that does dumps. I think this would actually be a useful feature for more than just dumps. I might want to allow some users (say, those in group `operator') to be

Re: dump -L and privilege

2003-01-29 Thread Kirk McKusick
Date: Fri, 17 Jan 2003 09:08:09 +0900 From: Jun Kuriyama <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Cc: Current <[EMAIL PROTECTED]> Subject: dump -L and privilege X-ASK-Info: Confirmed by User I'm trying to use dump -L op

dump -L and privilege

2003-01-16 Thread Jun Kuriyama
I'm trying to use dump -L option to dump with snapshot on -current/RELENG_5_0 family. I found dump -L needs writable permission to the device (that's reasonable because it *writes* snapshot file). But when I try to dump by operator group, it's impossible to dump with -L option (target device has