On 21 June 2016 at 12:25, Jie Yu <[email protected]> wrote: > James, sticky bit means that there will be no write sharing between two > users even if the underlying permission allows it. I'd prefer not having > this restriction:)
No, it just prevents users renaming or deleting each others files. http://man7.org/linux/man-pages/man1/chmod.1.html If you want multiple users to be able to write to the same files, they need to create with the right ownership. >> I wonder whether ACLs are the right solution to volume ownership? >> Certainly I think inherited ACLs are a good solution for expressing a >> consistent access control policy over a hierarchy (at least in the >> Windows/Darwin/SMB/NFSv4/RichAcl ACL model). > > > Are you suggesting that we don't expose the underlying unix user directly to > frameworks. Instead, expressing permissions and ownerships using ACLs? Well that could be an option, though I'm mainly thinking out loud. With shared volumes, it seems like you really want an access control policy that applies to the volume, rather than requiring processes to collaborate at a file granularity. One way to do that would be to make the owner the creator of the volume, then use ACL inheritance to grant additional access to other users. You'd have to reflow the inheritance, but it could probably done. -- James Peach | [email protected]
