On Jun 12, 2009, at 13:59, Rufus Pollock wrote: > We've just started an "Open Data Grid" for storing "open data" > (<http://grid.okfn.org/>) using Tahoe, and we're going to be doing a > lot more work with it over the coming months. ...
> 1. Can you have a "Grid Administrator" (with root-style permissions)? > > As I understand it from the documentation the ability to do stuff with > objects is controlled by the capability URI you have. If you have a > readcap you can read, if you have the writecap you can write etc. > Furthermore, these capability URIs are created when the object is > created and made available /to the creator/. > > In our setup we want people to be able to "donate" nodes to the grid. > At the same time there needs to be some way to monitor/control what > people upload (the aim is to store open data of general interest not > someone's personal backups or their CD collection) and we also want to > ensure not just anyone can come and delete objects. You don't need a root, a read-write-everything user, and you can't get it in Tahoe, by design, anyway. What you want is storage accounting, which once implemented will allow you to define and subdivide permissions to use specified amounts of space. http://allmydata.org/trac/tahoe/browser/docs/proposed/accounting-overview.txt To implement your "data of general interest" policy, you could provide someone with a storage authority which permits them to use U+A bytes, where A is the margin for uploading new files, and U is the total size of files which they have published links to in your catalog (directly or indirectly by a Tahoe directory) which have been reviewed as being of general interest. > 2. How do you control who can join a grid? > > Is there any way to configure my node only to talk to these other > nodes? Given that new nodes join a grid via an introducer I wondered > if there were some way to use the introducer for this function. (E.g. > I have to be a given a token which I pass to the introducer in order > to be "allowed in") What do you wish to accomplish by this, and why? - Restricting downloading of files/view directories? - Restricting uploading of new files? - Something else? > 3. Is it ever possible to revoke capabilities. > > For example, if I give you the writecap to directory X is there any > way to rescind that later on (i.e. can I change the writecap for that > directory without deleting it)? It is impossible to implement revocation without having a server you rely on (as opposed to Tahoe's basic stored-anywhere-in-the-grid model) to implement that revocation, and proxy all operations until revocation. This is not currently supported in Tahoe -- see http://allmydata.org/pipermail/tahoe-dev/2009-May/001770.html -- Kevin Reid <http://homepage.mac.com/kpreid/> _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
