Re: HAMMER update 23-jan-08

["Simon 'corecode' Schubert" <corecode@xxxxxxxxxxxx>]

Rahul Siddharthan wrote:
> YONETANI Tomokazu <qhwt+dfly@les.ath.cx> wrote:
> > Hi.  It seems that ownership and some file modes are not strictly
> > honored.
> Speaking of that, how will ownership be handled in HAMMER?

HAMMER right now is only a local file system, so these problems don't arise.

> On NFS, last I checked, the user and group IDs are assigned to the
> files on the server machine, but anyone on a client with the correct 
> user ID has access to the file.  This means root on any client can
> modify any file on the server.  So all clients need to be trusted.
> Is there a way around that in HAMMER?  

This is a nasty situation with NFS and we definitely will come up with a 
better way.  I am planning to develop a distributed file system (hopefully 
to be part of DragonFly), and I have some ideas, mainly involving public 
key cryptography.

> Also, what authentication mechanism would be used across nodes in a
> cluster: NIS, LDAP, or something else?

I think the system should be designed in a way that not every node in the 
cluster needs to know about all authentication information.  It should be 
possible to establish trust relationships between machines (or specific 
users of these machines, of course).  Then a user id wouldn't be unique in 
itself, but would require a qualifier, describing where this user id 
originates from.  You'd see users like "corecode@chlamydia.fs.ei.tum.de" 
instead of only "corecode".  Authentication then would run as a part of 
the cluster protocol.  That's only my vision, though.  I don't think there 
is anything set in stone yet.

cheers
  simon

--
Serve - BSD     +++  RENT this banner advert  +++    ASCII Ribbon   /"\
Work - Mac      +++  space for low €€€ NOW!1  +++      Campaign     \ /
Party Enjoy Relax   |   http://dragonflybsd.org      Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz       Mail + News   / \