From owner-freebsd-hackers Wed Oct 6 17: 6:17 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from mail-out1.apple.com (mail-out1.apple.com [17.254.0.52]) by hub.freebsd.org (Postfix) with ESMTP id 1469A1579F for ; Wed, 6 Oct 1999 17:05:56 -0700 (PDT) (envelope-from wsanchez@scv2.apple.com) Received: from mailgate1.apple.com (A17-128-100-225.apple.com [17.128.100.225]) by mail-out1.apple.com (8.9.3/8.9.3) with ESMTP id RAA10338 for ; Wed, 6 Oct 1999 17:04:33 -0700 (PDT) Received: from scv2.apple.com (scv2.apple.com) by mailgate1.apple.com (mailgate1.apple.com- SMTPRS 2.0.15) with ESMTP id ; Wed, 06 Oct 1999 17:04:24 -0700 Received: from joliet-jake (joliet-jake.apple.com [17.202.40.140]) by scv2.apple.com (8.9.3/8.9.3) with SMTP id RAA29320; Wed, 6 Oct 1999 17:04:23 -0700 (PDT) Message-Id: <199910070004.RAA29320@scv2.apple.com> To: Narvi Subject: Re: Apple's planned appoach to permissions on movable filesystems Cc: Pat Dirks , FreeBSD Hackers In-Reply-To: <199910052119.OAA24627@scv1.apple.com> Date: Wed, 6 Oct 1999 17:04:19 -0700 From: Wilfredo Sanchez Reply-To: wsanchez@apple.com X-Mailer-Extensions: SWSignature 1.3.2 X-Mailer: by Apple MailViewer (2.106) Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG | Have you given consideration to systems where the user/group database is | kept for (possibly a large) number of computers in a centralised manner by | say hesiod or nys (nis+). It would be nice if there was an easy interface | with these so that distributing the local system id numbers need not be | done by hand. It's complicated. We do have a distributed database (NetInfo) and we considered perhaps using the name of the NetInfo domain to determine local vs. foreign. The problem is that distributed databases are sometimes hierarchical, and can be mixed. For example: Host H1 is in NetInfo domain N1 and has local users U1 and U2 (eg. they are in the local host's domain or in /etc/passwd on the local host). Host H2 is also in N1, but doesn't have local user U1 but it has a local user U2, though it's a different person's UID. NetInfo domains can be tiered, and so you might shared some, but not all, of the NetInfo users. Also, our resolver can use multiple sources, such as NetInfo and Hesiod and NIS. This makes keeping track of what IDs might be shared between any two machines a hard problem. -Fred -- Wilfredo Sanchez, wsanchez@apple.com Apple Computer, Inc., Core Operating Systems / BSD Technical Lead, Darwin Project 1 Infinite Loop, 302-4K, Cupertino, CA 95014 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message