ACL database

Christopher R. Hertel crh at nts.umn.edu
Mon Mar 26 18:31:48 GMT 2001


Just my 2cents to the discussion.

When I got back from Connectathon I suggested that this sort of thing
would work very well on appliance servers.  That is, systems with
controlled access to the underlying filesystem so that all file I/O would
need to come through the Samba VFS layer, thus preventing problems keeping
the database in sync with the actual filesystem.  JF talked about picking
up the idea. 

The other thought that I presented, one that might prove simpler than 
running a daemon to keep the database in sync, was to create a "wrapper" 
filesystem that used the native filesystem plus the kind of database 
you've described.  The OS would actually mount the wrapper filesystem, 
thus forcing all file access to go though the ACL database system, but 
the wrapper would access the underlying system.

There are a lot of ways that this could be done.  It is just an idea, but
it might prove easier and more reliable than running a daemon.  Needs
study. 

Chris -)-----

> "Mayers, Philip J" wrote:
> > 
> > I suggested this a *long* time ago (couple of years, before the VFS layer
> > IIRC) and was shot down in flames, for ease-of-use, engineering and
> > performance reasons. I'll be very interested to see if this works.
> 
> Yes, this was before we had tdb, vfs and a very easy way to store external
> data. It'll be slower, and we definately don't want it to be the only
> permission check due to security concerns. But thinking has changed
> along these lines since it was first proposed :-) :-).
> 
> Cheers,
> 
> 	Jeremy.
> 
> -- 
> --------------------------------------------------------
> Buying an operating system without source is like buying
> a self-assembly Space Shuttle with no instructions.
> --------------------------------------------------------
> 


-- 
Christopher R. Hertel -)-----                   University of Minnesota
crh at nts.umn.edu              Networking and Telecommunications Services

    Ideals are like stars; you will not succeed in touching them
    with your hands...you choose them as your guides, and following
    them you will reach your destiny.  --Carl Schultz





More information about the samba-technical mailing list