Date: Wed, 6 Oct 1999 17:04:19 -0700 From: Wilfredo Sanchez <wsanchez@apple.com> To: Narvi <narvi@haldjas.folklore.ee> Cc: Pat Dirks <pwd@apple.com>, FreeBSD Hackers <FreeBSD-Hackers@freebsd.org> Subject: Re: Apple's planned appoach to permissions on movable filesystems Message-ID: <199910070004.RAA29320@scv2.apple.com> In-Reply-To: <199910052119.OAA24627@scv1.apple.com>
index | next in thread | previous in thread | raw e-mail
| Have you given consideration to systems where the user/group
database is
| kept for (possibly a large) number of computers in a centralised
manner by
| say hesiod or nys (nis+). It would be nice if there was an easy
interface
| with these so that distributing the local system id numbers need not be
| done by hand.
It's complicated. We do have a distributed database (NetInfo) and
we considered perhaps using the name of the NetInfo domain to
determine local vs. foreign. The problem is that distributed
databases are sometimes hierarchical, and can be mixed. For example:
Host H1 is in NetInfo domain N1 and has local users U1 and U2 (eg.
they are in the local host's domain or in /etc/passwd on the local
host).
Host H2 is also in N1, but doesn't have local user U1 but it has a
local user U2, though it's a different person's UID.
NetInfo domains can be tiered, and so you might shared some, but
not all, of the NetInfo users. Also, our resolver can use multiple
sources, such as NetInfo and Hesiod and NIS.
This makes keeping track of what IDs might be shared between any
two machines a hard problem.
-Fred
--
Wilfredo Sanchez, wsanchez@apple.com
Apple Computer, Inc., Core Operating Systems / BSD
Technical Lead, Darwin Project
1 Infinite Loop, 302-4K, Cupertino, CA 95014
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199910070004.RAA29320>