
Conference turris::digital_unix

Title: DIGITAL UNIX (FORMERLY KNOWN AS DEC OSF/1)
Notice: Welcome to the Digital UNIX Conference
Moderator: SMURF::DENHAM
Created: Thu Mar 16 1995
Last Modified: Fri Jun 06 1997
Last Successful Update: Fri Jun 06 1997
Number of topics: 10068
Total number of notes: 35879

9025.0. "ACLS broken under 4.0 work under 4.0b" by RHETT::LACORTI () Tue Mar 04 1997 10:18

    I have a customer (Oracle) that was playing with ACL's and could
    not get them to work under 4.0. I tried to reproduce it and
    4.0 does indeed not work, but under 4.0b it does work.  Here is
    a sample. I have a file called tmp1 in /usr/tmp (no nfs)
    
    sandpiper.alf.dec.com> getacl tmp1
    #
    # file: tmp1
    # owner: dummy
    # group: system
    #
    user::rwx
    user:smith:r--
    group::---
    other::---
    sandpiper.alf.dec.com> whoami
    smith
    sandpiper.alf.dec.com> cat tmp1
    cat: cannot open tmp1
    
    
    Now for the 4.0b system....
    
    askibm.alf.dec.com> getacl tmp1
    #
    # file: tmp1
    # owner: sandy
    # group: system
    #
    user::rw-
    user:shep2:r--
    group::---
    other::---
    askibm.alf.dec.com>whoami
    shep2
    askibm.alf.dec.com>cat tmp1
    This is a test of ACL's
    
    
    I have looked at patches and CLD fixes and cannot find what changed.
    Was this a known bug...?  The customer is stuck with 4.0 and
    cannot go to 4.0b since they release software that will use ACL's
    and will start with 4.0.  I probably will IPMT for a patch, but would
    like to understand the changes first
    
    thanks
    sandy
    
    
    
9025.1. "looks like IPMT time!" by NETRIX::"[email protected]" (Ann Majeske) Tue Mar 04 1997 12:32 (17 lines)

Sandy,

Knowing you, I'm assuming that you've already double checked that ACLs are 
installed/enabled on all the systems in question.  ;^)

I did a "quick" check of all of our V4.0 development pools and V4.0 support
pools.  As far as I can tell, there were no ACL related changes between
V4.0/V4.0a/V4.0b/V4.0<next>, and there have been no ACL related patches for
V4.0/V4.0a/V4.0b.  I don't have V4.0 or V4.0b installed on my system, so
I can't easily reproduce the problem. 

I think that this is more than a simple "ACLs don't work on V4.0", because I
know that we did extensive testing of ACLs on V4.0 and I hope we would have
noticed something that obvious!

Ann
[Posted by WWW Notes gateway]

9025.2. "kernel maybe.." by RHETT::LACORTI () Tue Mar 04 1997 12:53 (9 lines)

    Ann,
    
    I just thought about this and checked the kernel... I would think
    that if you did not have ACL in your kernel you would get an error
    message.... It does not give one..
    
    Will verify with customer... 
    
    Thanks

9025.3. "" by NETRIX::"[email protected]" (Ann Majeske) Wed Mar 05 1997 13:55 (28 lines)

Sandy,

The rationale was that you should always be able to set, modify, or show an ACL
on a file, but the ACL is only used if ACLs are turned on in the kernel.  I 
know there are arguments for both sides, but I think we decided on the current
behavior for several reasons including:
   - customers might want to get all of their acls set up and then turn them
     on all at once.
   - how do you handle reading an archive tape made on a system with ACLs onto
     a system without ACLs if you don't have this type of latent support.
   - how do you handle it if after a while the customer decides to turn off
     ACLs (because of a nasty bug with them, or whatever) and can't (or won't)
     remove all of his ACLs before turning off ACL processing.  How would they
     remove all of the remaining ACLs?
   - ACLs are just a special type of property list attached to the file.  
     You can change the property list whether ACLs are enabled or not.  It
     would be difficult to justify the distinction that these specific
     property lists can only be manipulated if ACLs are enabled.
There are some more reasons that I can't remember off the top of my head, but
this should at least give you an idea of the type of issues involved.  I know
there are some pretty good arguments for not allowing any manipulation of
ACLs when ACLs are disabled, too.  But, we had to make a decision one way or
the other.

Ann
[Posted by WWW Notes gateway]

9025.4. "customer now happy..." by RHETT::LACORTI () Wed Mar 05 1997 17:33 (5 lines)

    ok.. A lesson learned.. You know I will ALWAYS look at the kernel
    for acl's from now on...
    
    Thanks
    sandy

9025.5. "" by NETRIX::"[email protected]" (Ann Majeske) Thu Mar 06 1997 10:44 (8 lines)

Sandy,

I'm going to enter a QAR on this, because we really should have an easier,
more obvious way to tell if ACLs are enabled.  I imagine your customer is 
not the only one to have this problem.

Ann
[Posted by WWW Notes gateway]
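
The behaviour explained in reply 9025.3, as an added example that is not part of the original thread and is not Digital's code: it parses the getacl listing from note 9025.0 and computes what a user gets when the ACL is honoured versus when only the base owner/group/other entries (the mode bits) apply, then compares both with an observed read attempt. The function names are hypothetical, and the evaluation order (owner, named user, groups, other, with no mask entry since none appears in the samples) is an assumption.

```python
# Constructed from the getacl listing in note 9025.0 (V4.0 system); bare "#" lines omitted.
SAMPLE_40 = """\
# file: tmp1
# owner: dummy
# group: system
user::rwx
user:smith:r--
group::---
other::---
"""

def parse_getacl(text):
    """Return (owner, group, {(tag, qualifier): perms}) from getacl output."""
    owner = group = None
    entries = {}
    for line in map(str.strip, text.splitlines()):
        if line.startswith("# owner:"):
            owner = line.split(":", 1)[1].strip()
        elif line.startswith("# group:"):
            group = line.split(":", 1)[1].strip()
        elif line and not line.startswith("#"):
            tag, qualifier, perms = line.split(":")
            entries[(tag, qualifier)] = perms
    return owner, group, entries

def effective_perms(text, user, groups=(), acls_enforced=True):
    """Assumed order, no mask entry: owner, named user, groups, other.
    With acls_enforced=False only the base entries (the mode bits) count."""
    owner, group, e = parse_getacl(text)
    if user == owner:
        return e[("user", "")]
    if acls_enforced and ("user", user) in e:
        return e[("user", user)]
    hits = [e[("group", "")]] if group in groups else []
    if acls_enforced:
        hits += [p for (t, q), p in e.items() if t == "group" and q and q in groups]
    if hits:  # union of every matching group entry
        return "".join(c if any(c in p for p in hits) else "-" for c in "rwx")
    return e[("other", "")]

def diagnose(text, user, could_read, groups=()):
    """Compare an observed read attempt with both evaluation modes."""
    on = "r" in effective_perms(text, user, groups, True)
    off = "r" in effective_perms(text, user, groups, False)
    if on == off:
        return "inconclusive"  # this user cannot tell the two modes apart
    return "ACLs enforced" if could_read == on else "ACLs not enforced"
```

Fed the V4.0 transcript (smith's `cat` failed), `diagnose(SAMPLE_40, "smith", could_read=False)` reports that the ACL is not being enforced, which matches a kernel without ACL processing turned on.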