From owner-freebsd-questions@FreeBSD.ORG Mon Feb 23 21:32:13 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 717F616A4CE for ; Mon, 23 Feb 2004 21:32:13 -0800 (PST) Received: from smtp4.server.rpi.edu (smtp4.server.rpi.edu [128.113.2.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2AA5F43D2D for ; Mon, 23 Feb 2004 21:32:13 -0800 (PST) (envelope-from drosih@rpi.edu) Received: from [128.113.24.47] (gilead.netel.rpi.edu [128.113.24.47]) by smtp4.server.rpi.edu (8.12.8/8.12.8) with ESMTP id i1O5W8HQ021338; Tue, 24 Feb 2004 00:32:09 -0500 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: <51780.204.118.74.216.1077598067.squirrel@mail.alpete.com> References: <51740.204.118.74.216.1077592204.squirrel@mail.alpete.com> <51780.204.118.74.216.1077598067.squirrel@mail.alpete.com> Date: Tue, 24 Feb 2004 00:32:07 -0500 To: aaron@alpete.com From: Garance A Drosihn Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: CanIt (www . canit . ca) cc: freebsd-questions@freebsd.org Subject: Re: filesystem permissions using dump on live filesystem X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Feb 2004 05:32:13 -0000 At 11:47 PM -0500 2/23/04, Aaron Peterson wrote: > > i put a user in the operator group in /etc/group: > >-snip- > >> and attempted to dump a live filesystem: > >-snip- > >> what am i missing here? > >nevermind. i had to log out and log back in. that solved my >problems. now my only question is why does one have to log >out and log in for addition to a new group to take effect? It is expected that the list of groups that you are a member of will not change very frequently. Thus, the list of your groups is computed at login time, and is kept in memory. If this was not done, then *anything* which checked your groups for access (such as reading a file) would have to read through all of /etc/group to re-calculate that list of groups. Now, it would be easy enough to optimize that simple case (on a machine using just /etc/group), but there is no simple optimization if on machines which are using something like NIS+ or other network directory services to hold the group information. If we really really had to, we could implement something that did that job acceptably well, but it's much easier to just tell people "log out, and log back in". Or don't even logout, just 'ssh -l localhost' and start a new session. -- Garance Alistair Drosehn = gad@gilead.netel.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu