[OpenAFS] Re: Supergroups and ACL inheritance
Russ Allbery
rra@stanford.edu
Fri, 25 Feb 2011 14:14:23 -0800
Thomas Smith <theitsmith@gmail.com> writes:
> On Thu, Feb 24, 2011 at 10:11 PM, Andrew Deason <adeason@sinenomine.net>wrote:
>> You don't want negative permissions there. I've found, at least for me,
>> negative permissions are rarely what you want to do. I'm assuming you
>> want 'group0' people to be able to put stuff all over the Group0/
>> directory, but only want group0:admins to have access to the 'Admins'
>> directory?
> Your assumption is correct.
> What purpose does negative permissions serve if not to remove
> permissions inherited from a higher level?
They allow you to grant access to all members of a particular PTS group
except some specific people.
It's a fairly rare thing to want to do, so they're mostly an attractive
nuisance.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>