[OpenAFS] Re: fs setacl and permissions
Derrick J Brashear
Wed, 31 Jan 2007 14:29:24 -0500 (EST)
On Wed, 31 Jan 2007, Todd M. Lewis wrote:
>>> I see a need for both solutions. Would it be possible to change the
>>> behaviour on a per-fileserver basis? That you could allow one scenario
>>> on volumes on fileserver a and allow the other on fileserver b.
>>> Perhaps a flag to the fileserver on start-up to select which method the
>>> cell admin would like?
>> the problem is the right way is per-volume, but per-fileserver is probably
>> the best we can do today. anyone want to code it? (i can code it, it's like
>> 5 minutes work, but testing is a little more)
> Is this really a good idea?
Not especially, but people love being able to shoot themselves in the
foot. When I recovered from my old life I realized you can only try so
hard to protect someone from themselves.
> Will vos move give a warning when moving a volume
> from one flavor of server to another?
Presumably not. If it did, so what?
> What happens when a server is rebooted
> with the flag switched? Would we need some kind of flag on the volume itself
> to say what kind of behavior is expected? This may be a 5 minute change, but
We do need one, but it's rather harder to do, and won't help people who
want something now.
> recovery may take years. Maybe with a little more thought we can come up with
> a way to get the specific desired behavior without making multiple flavors of
> file servers (and avoid the resulting confusion that will ensue).
Oh, we absolutely can. This is really more of a caveat emptor sort of
feature. Right now we can upset the people who need the documented
behavior or the people who need the current (undocumented) behavior. If we
make this change, without any change other than to the fileserver binary
and it's switches at invocation we can upset the people who run a mixed
environment and are careless about what they put where. Doing it right
means not just more work (some of which is properly lumped in with other
work which I don't think we're prepared to do just yet) but more
deployment hassles (basically, you'll need a new vos). The "hack" way is
clearly a hack, but if you can read enough to flip switches, you can read
enough to know what you got yourself into.