Re: [lmi] Sharing directories on a multi-user *nix system

lmi

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [lmi] Sharing directories on a multi-user *nix system

From:	Vadim Zeitlin
Subject:	Re: [lmi] Sharing directories on a multi-user *nix system
Date:	Mon, 23 Sep 2019 23:27:26 +0200

On Mon, 23 Sep 2019 17:34:15 +0000 Greg Chicares <address@hidden> wrote:

GC> Kim and I both want to use the /opt/lmi directory on our *nix
GC> server. I'd never worked in a multi-user environment like this,
GC> so I guessed that the solution might be ACLs, but...
GC> 
GC> The server seems not to enable acl:
GC>   # tune2fs -l /dev/whatever
GC>   invalid superblock

 I'm not sure why doesn't tune2fs work for you, could you have passed it
the entire block device instead of the partition on which the file system
is mounted? You can use "mount" to check for this.

GC> but maybe it's on by default anyway? (this is XFS, so it should be)

 I'd just try using setfacl/getfacl to check that they work, if you want to
use the ACLs.

GC> Then I rethought that, and took a much simpler approach:
GC> 
GC> # Set up an 'lmi' group...
GC> sudo groupadd lmi
GC> # for U = my id and U = Kim's id both:
GC> sudo usermod -a -G lmi ${U}
GC> 
GC> # if root already owns /opt (as is likely):
GC> chown root:sudo /opt/lmi
               ^^^^
 This should have been "lmi".

GC> chmod g+w /opt/lmi
GC> ls -dl /opt/lmi
GC> 
GC> # ...and similarly for a /cache_for_lmi directory
GC> 
GC> Vadim, is there anything wrong with that?

 I don't think there is anything wrong with this as far allowing lmi to use
/opt/lmi goes, i.e. I don't see any need for the more advanced ACLs here,
when primitive group-based access control works just fine.

 However I think that ideally it should be possible to either replace
/opt/lmi with an arbitrary directory (e.g. "make lmi_prefix=$HOME/lmi") or,
at least, add support for the standard[*] DESTDIR variable (e.g. allow
using "make DESTDIR=$HOME/tmp" to install in ~/tmp/opt/lmi). Under a normal
Unix system it's really not normal to require access to any directory not
belonging to the user just to build software.

 So while it could make sense to use /opt/lmi for e.g. the last officially
released version, I'd really avoid using it for the normal builds done by
different users -- this will result in conflicts/tears sooner or later.

 Regards,
VZ

[*] https://www.gnu.org/prep/standards/html_node/DESTDIR.html

pgpHnr_N21mEV.pgp
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[lmi] Sharing directories on a multi-user *nix system, Greg Chicares, 2019/09/23
- Re: [lmi] Sharing directories on a multi-user *nix system, Vadim Zeitlin <=
  - Re: [lmi] Sharing directories on a multi-user *nix system, Greg Chicares, 2019/09/23

Prev by Date: [lmi] Mounting proc and devpts for chroot [Was: Using Git submodules for the dependencies]
Next by Date: Re: [lmi] Mounting proc and devpts for chroot [Was: Using Git submodules for the dependencies]
Previous by thread: [lmi] Sharing directories on a multi-user *nix system
Next by thread: Re: [lmi] Sharing directories on a multi-user *nix system
Index(es):
- Date
- Thread