2009/6/12 Kevin Reid <[email protected]>: > On Jun 12, 2009, at 13:59, Rufus Pollock wrote: [...] >> 1. Can you have a "Grid Administrator" (with root-style permissions)? >> >> As I understand it from the documentation the ability to do stuff with >> objects is controlled by the capability URI you have. If you have a >> readcap you can read, if you have the writecap you can write etc. >> Furthermore, these capability URIs are created when the object is >> created and made available /to the creator/. >> >> In our setup we want people to be able to "donate" nodes to the grid. >> At the same time there needs to be some way to monitor/control what >> people upload (the aim is to store open data of general interest not >> someone's personal backups or their CD collection) and we also want to >> ensure not just anyone can come and delete objects. > > You don't need a root, a read-write-everything user, and you can't get it in > Tahoe, by design, anyway. What you want is storage accounting, which once > implemented will allow you to define and subdivide permissions to use > specified amounts of space. > > http://allmydata.org/trac/tahoe/browser/docs/proposed/accounting-overview.txt
Yes I'd already read that but I hadn't thought of your suggested way of using this to validate/monitor usage of the grid by users that you propose in the next paragraph. > To implement your "data of general interest" policy, you could provide > someone with a storage authority which permits them to use U+A bytes, where > A is the margin for uploading new files, and U is the total size of files > which they have published links to in your catalog (directly or indirectly > by a Tahoe directory) which have been reviewed as being of general interest. That seems like a neat idea. Does the accounting system allow you to "identify" the owner of a given share/file? If so that might be enough for what we want. >> 2. How do you control who can join a grid? >> >> Is there any way to configure my node only to talk to these other >> nodes? Given that new nodes join a grid via an introducer I wondered >> if there were some way to use the introducer for this function. (E.g. >> I have to be a given a token which I pass to the introducer in order >> to be "allowed in") > > What do you wish to accomplish by this, and why? > > - Restricting downloading of files/view directories? No we are happy for everything to be world-readable (in fact we want to force that). > - Restricting uploading of new files? More along these lines. [...] Rufus _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
