On Tue, 12 May 2009 13:54:10 -0700, Darren New wrote:
> Yes, but still based on the UID, on root having all access, and so on.
> And as far as I can tell, no per-file encryption, no inherited
> permissions.
Novell Storage System (NSS) on Linux isn't based on this at all. ACLs
are completely eDirectory-dependent and root (while they might be able to
see stuff in the filesystem) doesn't automatically have all rights to the
files.
:-)
Jim
Darren New wrote:
> Orchid XP v8 wrote:
>> Kerberos says nothing about what happens on the local machine. The MS
>> domain security model does.
>
> Right. And my basic question there was whether the UNIX stuff underlying
> the Kerberos can distinguish uid 1002 on one machine from uid 1002 on
> another machine.
In the same way a Windows domain has globally-unique UIDs shared between
systems, I guess you could network-mount or in some other way
keep /etc/passwd synced across computers. Then a username will mean the
same UID on any machine.
Jim Henderson wrote:
> Novell Storage System (NSS) on Linux isn't based on this at all.
How does NSS know who is trying to access the files? Do you have to use a
non-Linux login to connect to the storage system or something?
--
Darren New, San Diego CA, USA (PST)
There's no CD like OCD, there's no CD I knoooow!
Nicolas Alvarez wrote:
> In the same way a Windows domain has globally-unique UIDs shared between
> systems, I guess you could network-mount or in some other way
> keep /etc/passwd synced across computers.
Only if they're all network connected from the start. I can't take two
already-set-up UNIX machines and connect them both to the same NFS drives
and not expect problems, for example.
Windows manages to make this work even without a domain or network
connectivity. Sure, you can get around it with work, but the default isn't
to confuse two accounts as one just because they come from different machines.
--
Darren New, San Diego CA, USA (PST)
There's no CD like OCD, there's no CD I knoooow!
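
The UID overlap discussed in the posts above can be checked before two independently installed hosts mount the same NFS export. This is an added example, not part of the original thread; the function names and both passwd samples are constructed for illustration.

```python
# Constructed sample /etc/passwd contents for two hypothetical hosts.
HOST_A = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1002:1002:Bob:/home/bob:/bin/bash
"""
HOST_B = """\
root:x:0:0:root:/root:/bin/bash
carol:x:1002:1002:Carol:/home/carol:/bin/bash
alice:x:1005:1005:Alice:/home/alice:/bin/bash
broken-line-without-fields
"""

def parse_passwd(text):
    """Return {username: uid} from passwd-format text, skipping malformed lines."""
    users = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) < 7 or not fields[2].isdigit():
            continue  # blank, comment or truncated entry
        users[fields[0]] = int(fields[2])
    return users

def by_uid(users):
    """Invert {name: uid} into {uid: set of names} (several names may share a UID)."""
    table = {}
    for name, uid in users.items():
        table.setdefault(uid, set()).add(name)
    return table

def uid_conflicts(passwd_a, passwd_b):
    """Compare two hosts' account tables.

    uid_clash:  same numeric UID, different account names. An NFS AUTH_SYS
                credential carries only the number, so the server treats
                both accounts as one owner.
    name_drift: same account name, different UIDs, so the user's files
                appear to belong to someone else on the other host.
    """
    a, b = parse_passwd(passwd_a), parse_passwd(passwd_b)
    ua, ub = by_uid(a), by_uid(b)
    uid_clash = [(uid, sorted(ua[uid]), sorted(ub[uid]))
                 for uid in sorted(ua.keys() & ub.keys()) if ua[uid] != ub[uid]]
    name_drift = [(n, a[n], b[n]) for n in sorted(a.keys() & b.keys()) if a[n] != b[n]]
    return uid_clash, name_drift

if __name__ == "__main__":
    clashes, drift = uid_conflicts(HOST_A, HOST_B)
    print("UID clashes:", clashes)
    print("Name drift: ", drift)
```

Either list being non-empty means the hosts need their UIDs renumbered, mapped, or served from a shared directory before the export is shared.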
On Tue, 12 May 2009 20:10:29 -0700, Darren New wrote:
> Jim Henderson wrote:
>> Novell Storage System (NSS) on Linux isn't based on this at all.
>
> How does NSS know who is trying to access the files? Do you have to use
> a non-Linux login to connect to the storage system or something?
Yes, you log in through eDirectory.
The eDirectory user can be a LUM (Linux User Management) enabled user,
which uses the LDAP integration to authenticate local users to the
directory, but yeah, it can be configured to be entirely independent of
the OS' use of UID.
Jim