[OpenAFS] OpenAFS on Linux 2.5.x

Neulinger, Nathan nneul@umr.edu
Thu, 17 Jul 2003 11:41:05 -0500


PAGs have nothing to do with ACLs.  They are used for controlling what
processed have access to what tokens in the kernel.

A very reasonable solution was presented to linux-kernel. The problem is
that they all insisted on blowing it up into the nightmarish key
management system instead of just treating PAGs as the simple construct
that they are - which the patch did in a pretty reasonable manner.

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul@umr.edu
University of Missouri - Rolla         Phone: (573) 341-4841
UMR Information Technology             Fax: (573) 341-4216


> -----Original Message-----
> From: Jon Bendtsen [mailto:jon+openafs@silicide.dk]=20
> Sent: Thursday, July 17, 2003 11:35 AM
> To: OpenAFS-info@openafs.org
> Subject: Re: [OpenAFS] OpenAFS on Linux 2.5.x
>=20
>=20
> Russ Allbery wrote:
> > Jon Bendtsen <jon+openafs@silicide.dk> writes:
> >=20
> >=20
> >>What is it that so far has made AFS such a big no no in the kernel?
> >=20
> >=20
> > The first thing that you run into is that AFS requires this=20
> giant wad of
> > code for supporting a fairly odd network protocol, but I believe the
> > current problems may revolve around the fact that PAGs are really
> > something of a hack.  They're an effective and portable=20
> hack, but they've
> > caused problems for years (such as with bash calling=20
> setgroups on Linux),
> > and the overloading of groups to hold stashed network=20
> credentials is the
> > sort of thing that's going to legitimately raise eyebrows.
>=20
> Well, doesnt linux support native POSIX acl's now? I know XFS=20
> does, also
> for linux, so cant openAFS use those ACL's to avoid the mess=20
> with PAG's?
> If not we would need to make a nice PAG replacement.
>=20
>=20
>=20
> JonB
>=20
>=20
>=20
>=20
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>=20