[OpenAFS] Question about append-only directories and ownership of files
Dexter 'Kim' Kimball
dhk@ccre.com
Mon, 21 Mar 2005 10:46:12 -0700
You don't mention the other half of the ACL. Who has "wilk" permissions?
In general AFS doesn't care about ownership/mode bits -- ignores them
entirely on directories, but does apply the owner mode bits to all users,
including the owner. (Doesn't seem relevant here but sometimes good to
know.)
Kim
=================================
Kim (Dexter) Kimball
CCRE, Inc.
kim<dot>kimball<at>jpl.nasa.gov
dhk<at>ccre.com
> -----Original Message-----
> From: openafs-info-admin@openafs.org [mailto:openafs-info-admin@openafs.org] On Behalf Of Thomas M. Payerle
> Sent: Friday, March 18, 2005 6:58 PM
> To: openafs-info@openafs.org
> Subject: [OpenAFS] Question about append-only directories and ownership of files
>
> I have a cgi script on a web server writing into an AFS directory with
> ACL rights wilk; i.e. "write" permission set minus the "r". The desired
> intent was to create a directory containing a file which the cgi script
> can append to, but would be unable to read from.
>
> The above appeared to be working as I expected, until I started testing
> out a replacement web server machine (having a different hostname, thus
> the httpd.hostname principal is different). Even when the ACL list in the
> parent (and all ancestral) directories are the same for both instances,
> the "wilk" permission set does not appear to be sufficient for appending
> _UNLESS_ the principal also is the owner of the file (the old server
> owned the files, and so worked without problem).
>
> It is happy if it has the "r" permission added to the set, and does not
> even change the owner after appending. It also is happy if the owner of
> the file is changed and the "r" permission not added.
>
> I have tested this out even with simple "echo 'AAA' >> file" type
> commands, so it does not appear to be an artifact of perl.
>
> As AFS generally tends to be somewhat unconcerned about file ownership in
> most cases, this ownership dependency was unexpected. I searched some
> texts and the web on AFS ACL rights, and although only one explicitly
> mentioned "append" rights
> (http://www.engin.umich.edu/caen/technotes/afs.pdf) (stating that "w"
> permission is sufficient for that), the more common definition of "w" as
> allowing modification of files' content seems consistent with that.
>
> Is this behavior "expected"? Am I missing something? Is there a way in
> AFS to have a file be append-only (possibly with creation if missing, but
> without being "readable") that does not depend on the principal appending
> to the file owning the file?