[OpenAFS] keeping openafs from breaking group security
Derrick J Brashear
shadow@dementia.org
Sun, 6 Feb 2005 15:03:39 -0500 (EST)
On Sun, 6 Feb 2005, Matthew Miller wrote:
> There are a lot of very good and valid reasons for doing this which I don't
> think this is the place to discuss -- the important thing is that assigning
> supplementary groups is perfectly reasonable, standard Unix behavior, and
> OpenAFS is the one imposing the "surprise" breakage.
Incidentally, Linux isn't Unix(tm), and my SunOS 4 system (which strictly
speaking is BSD and not Unix(tm) either) didn't do it. And IIRC neither
does Solaris, which is probably the most Unix(tm) of the bunch I routinely
use.
>> [...] If you want to disable PAGs, it seems pretty
>> simple; Make the SetPag pioctl a no-op.
> Thanks. I'll probably do this until a better place to store this information
> can be found.
It just means you have strictly uid tokens. For student computing this is
probably fine.