Coda File System

Re: ACLs, PAGs and PACs

From: Andi Kleen <ak_at_muc.de>
Date: 10 Dec 1997 23:01:28 +0100
e96_lho_at_elixir.e.kth.se (Love Hörnquist-Åstrand) writes:

> > > s/NFS/NFS,RPC/ Yes, i do agree with you, the problem is that today these things
> > > does not exists, so do you really now what you need ? I dont want to buy a 
> > > foo.bar_at_FOO.BAR credentials for each service i and to use and push them into the
> > > kernel, at the same time i dont want Kerberos/whatever in the kernel. I just want
> > > to give it my krbtgt and be happy.
> > 
> > The problem exists already in the Linux kernel. smbfs (and probably ncpfs too)
> > have it. smbfs currently uses the 'specify user at mount time' hack, but that's
> > only a bad hack IMHO and not suitable for multiusre machines. I'm sure
> > the smbfs developers are interested in solving this problem too (I cc'd
> > Bill Hawes)
> 
> That my be true, but what thought of was a credentails cache/holder, like for 
> Kerberos ticken/afs tokens/DCE foo. That was what I was thoughful about.
> I too would like to have such a thingy (credentails cache/holder).

That is exactly what is needed for SMBFS. It uses a per user login, but the
current login is machine global as single user. Some framework to store the 
credentials per user is needed (so that the kernel can determine if the
accessing user has logged in and is allowed to change a file on a smbfs)

-Andi 
Received on 1997-12-10 17:35:01