author | babkin <babkin@FreeBSD.org> | 2006-06-25 18:37:44 +0000 |
---|---|---|
committer | babkin <babkin@FreeBSD.org> | 2006-06-25 18:37:44 +0000 |
commit | 3d8be823b0a2fba7792c161abc25de7109e6ecfa (patch) | |
tree | 55b915a8ffbed38f4e2c53f4f5ebebf9b363c793 /sys/conf | |
parent | 2786b968bb6e23d601bfed279577ac6a3ff7a79e (diff) | |
The common UID/GID space implementation. It has been discussed on -arch
in 1999, and there are changes to the sysctl names compared to PR,
according to that discussion. The description is in sys/conf/NOTES.
Lines in the GENERIC files are added in commented-out form.
I'll attach the test script I've used to PR.
PR: kern/14584
Submitted by: babkin
Diffstat (limited to 'sys/conf')
-rw-r--r-- | sys/conf/NOTES | 64 |
-rw-r--r-- | sys/conf/options | 1 |
2 files changed, 65 insertions, 0 deletions
diff --git a/sys/conf/NOTES b/sys/conf/NOTES index 7d610bc..79ecc5d 100644 --- a/sys/conf/NOTES +++ b/sys/conf/NOTES 
@@ -905,6 +905,70 @@ options QUOTA #enable disk quotas # options SUIDDIR +# The common user and group ID space for the local filesystems +# (see PR kern/14584), AKA "poor man's ACLs". +# +# From the systems administration standpoint ACLs are a pain to use: +# * they are not supported by the classic file formats like tar and cpio +# * they need lots of ugly flags to commands like chown or ls +# * they are just by themselves difficult to show in ls +# * they promote ad-hoc and messy assignment of permissions +# +# But in fact the classic Unix permissions seem to have only one real problem: +# sometimes it's neccessary to give read permissions to one group of +# users and read-write permissions to another group of users. But only +# one group is supported and that makes a problem. The common ID +# support solves this problem without breaking any compatibility. +# +# Controlled by the sysctl: +# vfs.commonid.local.enabled: Enable common UID/GID space for local filesystems +# vfs.commonid.local.low: Lowest common UID/GID value for local filesystems +# vfs.commonid.local.high: Highest common UID/GID value for local filesystems +# +# When enabled, the user and group ID space in the range [low, high] +# becomes common. That is, if there is an user with some ID in this range, +# there must not be a group with the same ID (except for a special case +# described later). Traditionally this kind of overlapping exists in the +# low values of system IDs, so the implementation won't allow to set the +# low border below 100. If it's set manually below 100, the first time +# an access check is done, the system will reset it to 100. +# +# The special case is that for the symbolic group and user names to work +# correctly, every time a user is created, a pseudo-group with the same +# ID and name must be created. And the other way around - every time +# a group is created, a pseudo-user with the same name and ID must be created. 
+# Otherwise command like "ls" won't show the user/group names correctly +# and command like "chown" won't understand the symbolic names correctly. +# +# The IDs in the common range can be used interchangeably in both the +# user and group fields of file permissions. For example, if you have +# groups group1 and group2 with IDs in the common range, you can do: +# chmod 240 file +# chown group1:group2 file +# This would allow the group1 to write to the file and group2 to read +# the file. +# +# This semantics works only for the access but not for modification of +# the permissions. In the example above the members of group1 aren't allowed +# to call chmod on the file. Such changes must be done either by root +# or through the pseudo-user group1. +# +# If it's desiable to give the "owner group" of some files (like group1 +# in this example) the rights to change the permissions of all the files +# it owns, it can be achieved through cloning the chmod binary and +# adding the pseudo-user setuid rights to it: +# cp /bin/chmod /usr/local/bin/group1chmod +# chown group1 /usr/local/bin/group1chmod +# chmod u=xs,g=,o= /usr/local/bin/group1chmod +# A similar thing can be done for chown. +# In result all the members of group1 would be able to execute group1chmod, +# which would assume the ID of pseudo-user "group1" and will be able +# to change the file permissions. +# +# This logic does not work on the remote filesystems (such as NFS). + +options COMMONID # Enable support for common UID/GID space + # NFS options: options NFS_MINATTRTIMO=3 # VREG attrib cache timeout in sec options NFS_MAXATTRTIMO=60 diff --git a/sys/conf/options b/sys/conf/options index 19cca6f..2aee2d4 100644 --- a/sys/conf/options +++ b/sys/conf/options @@ -163,6 +163,7 @@ VFS_AIO VERBOSE_SYSINIT opt_global.h WLCACHE opt_wavelan.h WLDEBUG opt_wavelan.h +COMMONID opt_commonid.h # POSIX kernel options P1003_1B_MQUEUE opt_posix.h |
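Review bot: The group1chmod recipe near the end of the new sys/conf/NOTES text ("chown group1 /usr/local/bin/group1chmod" followed by "chmod u=xs,g=,o=") leaves the setuid helper owned by the same pseudo-user it runs as, so any member of group1 can point the helper at itself and change its mode, for example adding execute permission for others, which extends the delegation past group1. The same helper also works on every other file owned by pseudo-user group1, with no restriction on which mode bits it sets. I would state this limitation next to the recipe, or recommend a purpose-built wrapper instead of a raw copy of /bin/chmod. Two smaller points in the same hunk: resetting vfs.commonid.local.low to 100 only "the first time an access check is done" means the sysctl can report a value that is not in effect, so rejecting values below 100 when the sysctl is written would be clearer; and "neccessary" and "desiable" should read "necessary" and "desirable".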
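Review bot: In the sys/conf/options hunk, COMMONID is appended after the WLCACHE and WLDEBUG wavelan entries, where it is unrelated to its neighbours; NOTES documents it beside QUOTA and SUIDDIR, so it would be easier to find grouped with the filesystem options. Since the option gets its own header (opt_commonid.h) rather than opt_global.h, every source file that tests COMMONID has to include opt_commonid.h, which is worth checking in the part of the commit outside sys/conf.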