[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Remote repository permissions best practices
From: |
Yves Dorfsman |
Subject: |
RE: Remote repository permissions best practices |
Date: |
Wed, 30 Mar 2005 14:49:47 -0700 (MST) |
User-agent: |
SquirrelMail/1.4.4 |
> I had suggested one group per project, but that has its own set of
> difficulties:
> - Each user has a default group that is used to set permissions on new
> files
> (I know there's supposed to be a way to configure the O/S to inherit
> permissions from the parent, but our sysadmin either hasn't figured it out
> or is too busy to correct the problem).
It's the set group id on the directory (chmod g+s dirname).
> - Each full-time user would now have to be made a member of each project
> group - quite a manually-intensive, error-prone chore.
Yes this is a problem, especially if you use NIS, then you get into the 16
groups only limitation of NIS.
One thing that has helped us a bit is that the guy who implemented CVS
here had the good idea of using ACL's. So we can have one (or several)
group that have read only permission to a repository, and another (or
several) group that has read/write permission to that same repository.
Yves.
----
Yves Dorfsman address@hidden
http://www.cuug.ab.ca/dorfsmay
http://www.SollerS.ca