Date: Tue, 24 Feb 2004 00:32:07 -0500 From: Garance A Drosihn <drosih@rpi.edu> To: aaron@alpete.com Cc: freebsd-questions@freebsd.org Subject: Re: filesystem permissions using dump on live filesystem Message-ID: <p06020484bc60913b33e2@[128.113.24.47]> In-Reply-To: <51780.204.118.74.216.1077598067.squirrel@mail.alpete.com> References: <51740.204.118.74.216.1077592204.squirrel@mail.alpete.com> <51780.204.118.74.216.1077598067.squirrel@mail.alpete.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 11:47 PM -0500 2/23/04, Aaron Peterson wrote: > > i put a user in the operator group in /etc/group: > >-snip- > >> and attempted to dump a live filesystem: > >-snip- > >> what am i missing here? > >nevermind. i had to log out and log back in. that solved my >problems. now my only question is why does one have to log >out and log in for addition to a new group to take effect? It is expected that the list of groups that you are a member of will not change very frequently. Thus, the list of your groups is computed at login time, and is kept in memory. If this was not done, then *anything* which checked your groups for access (such as reading a file) would have to read through all of /etc/group to re-calculate that list of groups. Now, it would be easy enough to optimize that simple case (on a machine using just /etc/group), but there is no simple optimization if on machines which are using something like NIS+ or other network directory services to hold the group information. If we really really had to, we could implement something that did that job acceptably well, but it's much easier to just tell people "log out, and log back in". Or don't even logout, just 'ssh -l localhost' and start a new session. -- Garance Alistair Drosehn = gad@gilead.netel.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p06020484bc60913b33e2>