From: Jun Kuriyama <[EMAIL PROTECTED]>
To: Kirk McKusick <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Subject: Re: dump -L and privilege
In-Reply-To: <[EMAIL PROTECTED]>
X-ASK-Info: Whitelist match
Is this enough?
Moreover, the fact that the number of snapshots allowed on a filesystem
is limited to a handful (src/sys/ufs/ffs/README.snapshot says 20) makes
it possible for normal users to disrupt dump -L and other important
operations that require snapshots.
Alternative 2 seems a lot more sensible.
Just my 2
On 2003-01-30 17:16, Kirk McKusick <[EMAIL PROTECTED]> wrote:
> If the snapshot is mounted, then the same filesystem permissions
> are enforced as would be enforced for the mounted disk except
> that the mount must be done read-only, so nothing in the snapshot
> can be moved, deleted, or changed.
Date: Fri, 31 Jan 2003 02:24:00 +0200
From: Giorgos Keramidas <[EMAIL PROTECTED]>
To: Garrett Wollman <[EMAIL PROTECTED]>
Cc: Kirk McKusick <[EMAIL PROTECTED]>,
[EMAIL PROTECTED]
Subject: Re: dump -L and privilege
X-ASK-
On 2003-01-30 15:52, Garrett Wollman <[EMAIL PROTECTED]> wrote:
> <
>said:
> > The other alternative would be to
> > create a setuid-to-root program that would take a snapshot and
> > chown it to the user that does dumps.
>
> I think this would actually be a useful feature for more than just
> dum
On Wed, Jan 29, 2003 at 06:17:31PM -0800, Kirk McKusick wrote:
Alternative 1 `usermount'
> The first would be
> to change the default for vfs.usermount == 1 and then have dump -L
> create the snapshot in a directory owned by "operator" (or by
> whatever user runs the dumps). Then the snapshot coul
<
said:
> The other alternative would be to
> create a setuid-to-root program that would take a snapshot and
> chown it to the user that does dumps.
I think this would actually be a useful feature for more than just
dumps. I might want to allow some users (say, those in group
`operator') to be
Date: Fri, 17 Jan 2003 09:08:09 +0900
From: Jun Kuriyama <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: Current <[EMAIL PROTECTED]>
Subject: dump -L and privilege
X-ASK-Info: Confirmed by User
I'm trying to use dump -L op
I'm trying to use dump -L option to dump with snapshot on
-current/RELENG_5_0 family.
I found dump -L needs writable permission to the device (that's
reasonable because it *writes* snapshot file). But when I try to dump
by operator group, it's impossible to dump with -L option (target
device has