[OpenAFS] Restoring ownership information of filesystem structure on /vicep*

Matthias Gerstner Matthias.Gerstner@student.fh-nuernberg.de
Wed, 2 Aug 2006 21:29:10 +0200 

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigF768F99FF5CCAC074718CA24
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Derek Atkins wrote:
> Unfortunately the owner and mode information is vital information
> about the files..  It's like asking "i just rm'ed this letter -- how
> can I recover paragraph #3?".  You should restore from backup.
>=20
> -derek

I see. Well I'm using AFS for some time now and I'm quite satisfied with
it's features.

But in some places like this I find it's a bit too sensible. Wouldn't it
have been better to use some encapsulated form for the internal AFS
data. A single binary file or a real own filesystem implementation for AF=
S?

I mean the structure in /vicep looks quite complex and relies on
features of the underlying filesystem (i.e. the inodes). That the file
permissions and ownership are so vital for the integrity of the AFS data
isn't a very beautiful approach in my opinion.

It looks to me like encoding meta information in the primary key of a
database table or such things.

Especially as I never noticed that there are special file permissions at
all even after one year of quite intensive working with OpenAFS. On the
top level of the vicep partitions are only the volume files which have
no special looking permissions at all. Only if you enter the AFSIData
folder you encounter the README file warning from altering permissions.

Besides the criticism: What is the most secure way of moving a complete
OpenAFS server installation (in case of only one server running) from
one machine to another? I haven't worked with the internal backup
support of OpenAFS yet. But I don't see a clean and easy way of securely
moving the complete installation.

Greetings,

Matthias




--------------enigF768F99FF5CCAC074718CA24
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE0P0GMZERT+rV9aARAo6BAJ0Y+kCwKtxQbCEO/YafBVsUfM0InwCgu6Nf
qSI6KH3mn+dS0JlgwoJrUVQ=
=KskV
-----END PGP SIGNATURE-----

--------------enigF768F99FF5CCAC074718CA24--