DragonFly kernel List (threaded) for 2008-01
DragonFly BSD
DragonFly kernel List (threaded) for 2008-01
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: HAMMER update 23-jan-08

From: "Simon 'corecode' Schubert" <corecode@xxxxxxxxxxxx>
Date: Wed, 30 Jan 2008 12:39:46 +0100

Rahul Siddharthan wrote:
YONETANI Tomokazu <qhwt+dfly@les.ath.cx> wrote:
Hi.  It seems that ownership and some file modes are not strictly
Speaking of that, how will ownership be handled in HAMMER?

HAMMER right now is only a local file system, so these problems don't arise.

On NFS, last I checked, the user and group IDs are assigned to the
files on the server machine, but anyone on a client with the correct user ID has access to the file. This means root on any client can
modify any file on the server. So all clients need to be trusted.
Is there a way around that in HAMMER?

This is a nasty situation with NFS and we definitely will come up with a better way. I am planning to develop a distributed file system (hopefully to be part of DragonFly), and I have some ideas, mainly involving public key cryptography.

Also, what authentication mechanism would be used across nodes in a
cluster: NIS, LDAP, or something else?

I think the system should be designed in a way that not every node in the cluster needs to know about all authentication information. It should be possible to establish trust relationships between machines (or specific users of these machines, of course). Then a user id wouldn't be unique in itself, but would require a qualifier, describing where this user id originates from. You'd see users like "corecode@chlamydia.fs.ei.tum.de" instead of only "corecode". Authentication then would run as a part of the cluster protocol. That's only my vision, though. I don't think there is anything set in stone yet.


Serve - BSD     +++  RENT this banner advert  +++    ASCII Ribbon   /"\
Work - Mac      +++  space for low €€€ NOW!1  +++      Campaign     \ /
Party Enjoy Relax   |   http://dragonflybsd.org      Against  HTML   \
Dude 2c 2 the max   !   http://golden-apple.biz       Mail + News   / \

[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]