inherit mode (was Where to submit patches?)

David Lee T.D.Lee at durham.ac.uk
Thu Aug 26 08:43:07 GMT 1999


On Thu, 26 Aug 1999, Jeremy Allison wrote:

> Andy Bakun wrote:
> > 
> > When you say "per-directory" I assume that means you set "inherit mode" on the
> > share, and then administrate the modes on the directories in the share
> > individually.  I don't like the dot files idea either.
> 
> Yes. Dot files are a non-starter :-).
> 
> > I've gotten around the lack of inheriting permissions by forcing all my shares
> > to 077x, and then defining groups composed of the people who can write to them,
> > and using the setgid bit on the directories.  This gets extremely hairy
> > maintaining all the groups -- thank god my user base is small.  It would be nice
> > to have sub directories have permissions different than their parents, which as
> > you know you can't currently do because you can only force modes on the entire
> > share.  Obviously, it would not be good to use both inherit mode and force mode
> > on the same share.
> 
> Now that brings up an interesting point. What should
> the interaction between the two be ?
> 
> My gut feeling is to apply the permissions derived from "inherit"
> first, instead of doing any ANDing with "create mask", then apply
> any "force" modes. That way the force modes still don't cause any
> surprises (ie. they still apply) and the "inherit" modes replace the
> "create mask" AND process on directories with setgid and shares that
> have "inherit" set ?

My implementation of "inherit mode" was very simple (both to explain to
users and also do):  at any arbitrary point in a directory tree, the
permissions for new files and directories are simply those of the
immediate parent (files inherit rw bits, dirs inherit all bits (including
setgid, sticky, ...)).  So imagine a "private", a "group" and a "public" 
directory all within a single share (e.g. [homes]):  everything created in
them gets private/group/public permissions recursively downwards.
Delightfully simple (I believe mathematicians say "elegant").

I can see that there might be a case for applying "force mode", to protect a
user against themselves if they do something daft such as set their
[homes] directory to 777 !   But this should be an option.

Thus my original boolean "inherit mode" (overrides all create/force mask
issues) might become "inherit mode = no/yes/force/create".  This becomes
more complicated.  (See also other message about "inherit mode = setgid" 
option!)

I'm a great believer in flexibility.  But also in simplicity.  My concern
is that squeezing the last couple of percent of flexibility for a few
experts might make it a lot more complicated and potentially error-prone
(a) to implement (b) to administer (c) to explain to users.

-- 

:  David Lee                                I.T. Service          :
:  Systems Programmer                       Computer Centre       :
:                                           University of Durham  :
:  Phone:    +44 191 374 2882 (ddi)         South Road            :
:  Fax:      +44 191 374 7759               Durham                :
:  Internet: T.D.Lee at durham.ac.uk           U.K.                  :
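
A small model of the semantics discussed in this thread, added here as an illustration; it is not taken from Samba's source or from either poster's patch. It computes the mode of a new file or directory from its parent, then optionally applies a share-level AND mask or OR'ed force bits; the struct, function names, flag arguments and sample modes are assumptions.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Share-level settings; the values used in main() are constructed. */
struct share_modes {
    mode_t create_mask;   /* ANDed onto the mode: bits it lacks are removed */
    mode_t force_mode;    /* ORed onto the mode: bits it has are always set */
};

/* Bits a new object takes from its parent, as described in the message:
 * directories take every bit (setgid and sticky included), files take
 * only the read/write bits. */
mode_t inherited_mode(mode_t parent, int is_dir)
{
    if (is_dir)
        return parent & 07777;
    return parent & 0666;
}

/* Hypothetical combination step: the inherited mode is the starting point,
 * then each share-level setting is applied only if requested. */
mode_t new_object_mode(mode_t parent, int is_dir, const struct share_modes *s,
                       int apply_mask, int apply_force)
{
    mode_t m = inherited_mode(parent, is_dir);
    if (apply_mask)
        m &= s->create_mask;
    if (apply_force)
        m |= s->force_mode;
    return m;
}

int main(void)
{
    struct share_modes s = { 0755, 0600 };            /* constructed values */
    /* private, setgid group, public, and a 777 home directory */
    mode_t parents[] = { 0700, 02770, 0755, 0777 };
    for (size_t i = 0; i < sizeof parents / sizeof parents[0]; i++) {
        mode_t p = parents[i];
        printf("parent %04o: file %04o dir %04o | file+force %04o | file+mask %04o\n",
               (unsigned)p,
               (unsigned)new_object_mode(p, 0, &s, 0, 0),
               (unsigned)new_object_mode(p, 1, &s, 0, 0),
               (unsigned)new_object_mode(p, 0, &s, 0, 1),
               (unsigned)new_object_mode(p, 0, &s, 1, 0));
    }
    return 0;
}
```

In this model the 0777 parent still yields world-writable files when only OR'ed force bits are applied, because OR can add bits but never clear them; only the AND mask removes the world-write bit.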



More information about the samba-technical mailing list