[OpenAFS-devel] Some tests and questions about fs setquota

Thu, 19 Mar 2009 11:52:44 -0400

On Thu, Mar 19, 2009 at 11:36:01AM -0400, Steve Simmons wrote:
> 
> On Nov 23, 2008, at 4:17 PM, Jason Edgecombe wrote:
> 
> >I admit that we have had a few cases where exiting users give a  
> >buddy admin rights on their volume before leaving. We had one case  
> >where the buddy begged us to recover files from the original user's  
> >account, but we could not legally do that.
> >
> >Is there some way to flip a bit and disable all writes on a R/W  
> >volume? Clobbering the ACL's on the volume would do this, but  
> >undoing that would not be trivial for users who leave and return.
> >
> >If we want to allow a negative quota to disable all writes, then I  
> >propose that we only allow -1. Then again, 1 is almost as effective  
> >assuming that the volume has a few files in it.
> 
> Flip a bit, no. But you can effectively do it with more work:
> 
> Back up the volume using vos dump
> Remove the volume
> Do vos restore using the -readonly switch. The restored volume is  
> readonly, has the original name, and is parent-less.

Although this always felt messy to me, since it seems to confuse
vos (which then confuses me). But I'm easily confused.

I was bored one evening and looked at what it would take to make
what I called an "administratively read-only volume". It seemed
to me at a quick glance it wouldn't take much. I should look
at that again. Looking at my notes, my wild guess was that it
would simply be setting a flag, and then every place where the
fileserver checks for "readonlyServer" do another check for this
flag and return VREADONLY as well. But, again, this was just my
wild guess, I hadn't actually gotten anywhere with it.

The other option is to use the -readonly flag to the fileserver,
which I believe would get you what you want, if you want to live
with having to maintain a fileserver just for readonly volume.

-- 
Thomas L. Kula | kula@tproa.net | http://kula.tproa.net/