"Inherit Permissions" request for comments
Mayers, P J
p.mayers at ic.ac.uk
Sat Jun 3 18:06:57 GMT 2000
I wholly agree with obeying the setgid if igo=no. To do otherwise would be
bad behaviour of the highest order.
It *might* be useful (I can't see myself ever using it) to have a "force
inherit group owner" which would have the following:
force igo = no (default)
igo: no igo: yes
+--------+---------+
setgid: no | p | d |
+--------+---------+
setgid: yes | ? | d |
+--------+---------+
force igo = yes
igo: no igo: yes
+--------+---------+
setgid: * | p | d |
+--------+---------+
It's pretty icky. *But* it could be added in cleanly afterwards if needed,
so I see no problem with David's suggestion, in that if some (sick, twisted)
people need the force igo option, it can build on top of
the igo option.
My 2 pence.
Cheers,
Phil
-----Original Message-----
From: Jeremy Allison
To: Multiple recipients of list SAMBA-TECHNICAL
Sent: 6/2/00 9:00 PM
Subject: Re: "Inherit Permissions" request for comments
David Lee wrote:
>
> My own view is coming round to encouraging using the directory's group
and
> discouraging using the process's group. That is, that the "?" become
"d"
> in the table above. We end up with:
>
> if (igo == yes) {
> make all reasonable efforts to adopt group-owner of directory,
> irrespective of setgid bit
> }
> else {
> follow setgid bit
> }
>
> One remaining question: the default. The current behaviour is
equivalent
> to "igo == no". Are there any compelling issues one way (UNIX
semantics,
> igo==no) or the other (NT semantics, igo==yes)? If not, we just need
a
> consensus from interested parties. Someone needs to do an opinion
poll.
>
> Seem OK?
*Excellent* summation ! My own preference would be to keep
the current behaviour of defaults being igo=no with your
matrix. That way lies the principle of least suprises for
the current installs.
This definately looks like a go for 2.2.0 to me. It allows
the desired behaviour.
Any other comments ?
Jeremy.
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
More information about the samba-technical
mailing list