User: Password:
|
|
Subscribe / Log in / New account

User and group mount options for ext filesystems

User and group mount options for ext filesystems

Posted May 17, 2012 17:47 UTC (Thu) by RobSeace (subscriber, #4435)
In reply to: User and group mount options for ext filesystems by ringerc
Parent article: User and group mount options for ext filesystems

> Let me say "Everything under /srv/users/editorial is mode 770 (dir) or 660 (file) with group 'editorial'".

Well, you can get the group inheritence already by just setting the setgid bit on the directory... Maybe we need to allow for similar user inheritence via the setuid bit? Not sure about how to do the modes, though...


(Log in to post comments)

User and group mount options for ext filesystems

Posted May 18, 2012 16:33 UTC (Fri) by jschrod (subscriber, #1646) [Link]

> > Let me say "Everything under /srv/users/editorial is mode 770 (dir) or
> > 660 (file) with group 'editorial'".

> Well, you can get the group inheritence already by just setting the
> setgid bit on the directory...

How do you enforce a gid change when a file is mv'ed into that directory? setgid only works for newly created files.

User and group mount options for ext filesystems

Posted May 18, 2012 16:59 UTC (Fri) by RobSeace (subscriber, #4435) [Link]

Hmmm, true enough... I guess I always figured it'd work for mv'd files too, but never tried... Bummer...

User and group mount options for ext filesystems

Posted May 21, 2012 1:13 UTC (Mon) by ringerc (subscriber, #3071) [Link]

`chmod g+s` is all well and good as far as it goes, but it doesn't go far.

As others have noted, it has no effect on moved files or directories, so you land up with subtrees with different permissions that're incorrect for that working group.

More importantly, it doesn't affect the permissions bits. What I really need is to be able to force the group permissions bits to a fixed mode whenever a file is created in or moved into a directory *or* *any* *sub* *directory*. That mode may be g=rwX if I want to use inherited POSIX ACLs instead.

The fact that these issues cause such hassle that I was considering mounting local directories via samba and CIFS (so I could use Samba to remap all permissions) should tell you something!

In truth, I hate to say what I've done in the end is replace our Samba server with a Win2k8 box, and have the Linux boxes mount its storage over CIFS. All these pain points just go away, to the point where I think Windows is currently a much better file server for Linux boxes than Linux its self is at least for some workloads. For one thing, I have volume shadow copy snapshots now, which are so massively better than LVM snapshots that it's hard to believe.

I did this partly because Samba isn't usable as a primary domain controller for Windows 7 machines; our Samba PDC had to go anyway. I was reluctant to do it initially, but after my experience with win2k8 I'm going to be very reluctant to go back to Linux and Samba file servers again. Not unless LVM snapshot expiry stops sucking and preventing the machine from booting, LVM learns to co-operate with the file system(s) on top of it for snapshot management, permissions management for shared access modes stops being so horrible, and of course Samba 4 eventually hits release.

Note that I'm not demanding that any of these things magically happen or whining that they aren't happening. I'm not doing the work to make it so, so I have no right to. Doesn't mean I won't use whatever's best for the job right now.

(Of course, now I'm trying to resist being saddled with Microsoft Exchange. I don't want to give up Cyrus IMAPd and Postfix, but pressure for a working shared calendar and address book is growing within the organisation, and there isn't much out there...)

User and group mount options for ext filesystems

Posted May 31, 2012 16:38 UTC (Thu) by nye (guest, #51576) [Link]

>In truth, I hate to say what I've done in the end is replace our Samba server with a Win2k8 box, and have the Linux boxes mount its storage over CIFS. All these pain points just go away, to the point where I think Windows is currently a much better file server for Linux boxes than Linux its self is at least for some workloads. For one thing, I have volume shadow copy snapshots now, which are so massively better than LVM snapshots that it's hard to believe.

Unless you have a powerful technical or ideological objection, I would seriously recommend taking a good, hard look at Solaris.

I've only been trialling Openindiana for a couple of weeks, so it's certainly possible that there are major headaches to come, but so far it has been an incomparably better experience than using Linux + Samba - so much so that I deeply regret wasting my life on the latter for so long.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds