[OpenAFS] keeping openafs from breaking group security

Matthew Miller mattdm@mattdm.org
Sun, 6 Feb 2005 16:31:37 -0500


On Sun, Feb 06, 2005 at 03:03:39PM -0500, Derrick J Brashear wrote:
> >There are a lot of very good and valid reasons for doing this which I don't
> >think this is the place to discuss -- the important thing is that assigning
> >supplementary groups is perfectly reasonable, standard Unix behavior, and
> >OpenAFS is the one imposing the "surprise" breakage.
> Incidentally, Linux isn't Unix(tm), and my SunOS 4 system (which strictly 
> speaking is BSD and not Unix(tm) either) didn't do it. And IIRC neither 
> does Solaris, which is probably the most Unix(tm) of the bunch I routinely 
> use.

The standard scripts for Solaris may not create a user-specific group, but
supplementary groups *are* completely possible, widely used, and completely
standard Unix. Unix(tm), even.

I don't know exactly when this started, but there's certainly been an
/etc/group file on every Solaris or old SunOS box I've ever seen.

-- 
Matthew Miller            mattdm@mattdm.org        <http://www.mattdm.org/>
-->  Fedora Users & Developers Conference, hosted by Boston University  <--
February 18th, 2005                       <http://fedoraproject.org/fudcon/>