[OpenAFS-port-darwin] Unix permission bits

Edward Moy emoy@apple.com
Tue, 3 Feb 2004 12:35:54 -0800


I don't know the history or initial reason why this extra code to 
modify the permission bits was added to darwin/macosx.  But starting 
with the 1.2.10a version, that "feature" can be turned off, using the 
afssettings mentioned below.

Edward Moy
emoy@apple.com
---------------------------------------------------------------
(This messages is from me as a reader of this list, and not a statement 
from Apple.)

On Feb 3, 2004, at 6:32 AM, David Botsch wrote:

> Are these new permission things only there in either the Panther 
> package or
> only in 1.2.11 package?
>
> On Tue, Feb 03, 2004 at 10:26:27AM +0100, Sebastian Hagedorn wrote:
>> Hi,
>>
>> --On Montag, 2. Februar 2004 22:36 Uhr -0800 Chuck Boeheim
>> <boeheim@SLAC.Stanford.EDU> wrote:
>>
>>> We've just started looking at supporting macosx, and running afs on 
>>> it.
>>> Running openafs 1.2.10 on macosx 10.3, I observe that the unix 
>>> permission
>>> bits look quite different than they do on other platforms.  I found 
>>> some
>>> of
>>> the references to the 'permission patch', so it seems that this is
>>> deliberate, but
>>> I hadn't yet found a discussion about why this was a desireable 
>>> thing to
>>> do.
>>
>> the GUI apps can't handle the AFS bits, so e.g. the Finder won't 
>> allow you
>> to open directories for which you have AFS permissions.
>>
>>> We have some system maintenance appliations that copy config files,
>>> applications,
>>> etc from AFS space to the local disk.  They depend on replicating the
>>> permission
>>> bits from AFS to the local copy, which of course breaks with this
>>> behavior. We end up with applications and config files being world
>>> writable this way.
>>> We trust our users, but not that much!  Is there a way to configure 
>>> this
>>> behavior
>>> or otherwise get at the true bits stored in AFS?
>>
>> Check out /private/var/db/openafs/etc/config/settings.plist. You need 
>> to
>> run /private/var/db/openafs/etc/config/afssettings after you've made a
>> change.