James Carlson wrote: > Casper.Dik at Sun.COM writes: > > Unfortunately the use of TMPDIR is inherited across "su" and > > then, when users assume roles, TMPDIR no longer works. > > That point would seem to be a show-stopper to me. Having an RBAC role > fail to work because $TMPDIR is now set (when it wasn't before) and > owned by the original user would be an incompatible change and clearly > a Bad Thing.
I doubt the RBAC role will fail because the role application can write to /tmp/$LOGNAME unless the user him-/herself changes the mode to something different than 1777. > I've been staying out of this particular issue until now, as I could > see both sides of it. But it looks now like the weight of evidence is > against the proposal: not just RBAC damage, but also unnecessary > *extra* clutter in /tmp (due to the one-per-user directories, Which extra "clutter" ? Right now a plain desktop user always creates multiple files in /tmp, for example: -- snip -- $ ls -l /tmp | fgrep fosdem drwx------ 2 gfosdem gfosdem 48 2006-02-25 10:15 gconfd-gfosdem drwx------ 2 gfosdem gfosdem 120 2006-03-02 20:30 kde-gfosdem drwx------ 3 gfosdem gfosdem 112 2006-03-02 20:41 ksocket-gfosdem drwx------ 2 gfosdem gfosdem 144 2006-02-25 10:15 orbit-gfosdem srw------- 1 gfosdem gfosdem 0 2006-03-02 20:30 scim-panel-socket-:1-gfosdem drwx------ 2 gfosdem gfosdem 80 2006-02-25 13:27 vmware-gfosdem -- snip -- The matching account was only used for a FOSDEM demo and never again and the two logins ever made by it generated six files. IMO it is better to create a subdir in this case since it means that $ ls -l /tmp # only lists _one_ entry per user instead of six. IMO this is less clutter (1/6th in the example above) in /tmp and not more (unless you start counting all inodes in the whole /tmp filesystem). > even if > no temp files are used), but also the fact that admins can already set > this up if they want, Yes, but it may be nice to have something like this done by default since it appears to be a common construct which is usefull for both end-users and adminstrators. > that the target of "easy to use" (the isolated, > one-user system) won't benefit at all, and that it seems to fix a > non-existent problem (who cares what's in /tmp anyway?) It appears that the desktop environment make use of $TMPDIR and expose this "interface" to the end-user (see http://mail.opensolaris.org/pipermail/shell-discuss/2007-April/000245.html) - which matches my obervation how our users here behave. > all argue > against doing this. > > As it's no longer "obvious" and thus not appropriate for a fast-track, > if that's not removed from the proposal, I'll derail for a full review > and a written opinion. Darren: Any comments/objections/suggestions/etc. about this ? ---- Bye, Roland -- __ . . __ (o.\ \/ /.o) roland.mainz at nrubsig.org \__\/\/__/ MPEG specialist, C&&JAVA&&Sun&&Unix programmer /O /==\ O\ TEL +49 641 7950090 (;O/ \/ \O;)
