[OpenAFS] keeping openafs from breaking group security

Derrick J Brashear shadow@dementia.org
Sun, 6 Feb 2005 15:03:39 -0500 (EST)


On Sun, 6 Feb 2005, Matthew Miller wrote:

> There are a lot of very good and valid reasons for doing this which I don't
> think this is the place to discuss -- the important thing is that assigning
> supplementary groups is perfectly reasonable, standard Unix behavior, and
> OpenAFS is the one imposing the "surprise" breakage.

Incidentally, Linux isn't Unix(tm), and my SunOS 4 system (which strictly 
speaking is BSD and not Unix(tm) either) didn't do it. And IIRC neither 
does Solaris, which is probably the most Unix(tm) of the bunch I routinely 
use.

>>                   [...] If you want to disable PAGs, it seems pretty 
>> simple; Make the SetPag pioctl a no-op.
> Thanks. I'll probably do this until a better place to store this information
> can be found.

It just means you have strictly uid tokens. For student computing this is 
probably fine.