|
|
Sponsored Content
Top Forums
UNIX for Dummies Questions & Answers
Security Setup
Post 42675 by Perderabo on Saturday 1st of November 2003 04:20:49 PM
11-01-2003
There is room in the inode of a file for a uid and gid. But no room for an acl. So any acl's you create get stored in inode extentions of some kind. And they don't fly off the disk and into core for free.
Using acl's when a single gid is enough would be crazy. It's not the disk overhead, it's the confusion overhead. Acl's will be invisible to your ftp users. That could result in behavior that they don't understand. Look at this post. Would you have set that mask?
Here is a challenge for your sysadmins: Create a sample directory structure using acl's for 3 users. Back up the sample directory structure using any technique. Destroy the sample directory structure. Now restore it. Sounds like 15 minute job, doesn't it?
Using acl's when a single gid is enough would be crazy. It's not the disk overhead, it's the confusion overhead. Acl's will be invisible to your ftp users. That could result in behavior that they don't understand. Look at this post. Would you have set that mask?
Here is a challenge for your sysadmins: Create a sample directory structure using acl's for 3 users. Back up the sample directory structure using any technique. Destroy the sample directory structure. Now restore it. Sounds like 15 minute job, doesn't it?
|
|
We Also Found This Discussion For You
1. AIX
I know that IBM's official stance is that NIM does not work on etherchannel environment, but has anyone able to get around it?
I'm working on a p5-590 LPAR system, and the NIM master and clients are all on the same frame.
Any help is appreciated. (1 Reply)
Discussion started by: pdtak
1 Replies
LEARN ABOUT SUNOS
asadmin-delete-acl
asadmin-delete-acl(1AS) User Commands asadmin-delete-acl(1AS) NAME
delete-acl - removes the access control list file SYNOPSIS
delete-acl --user admin_user[--password admin_password][--host localhost] [--port 4848][--passwordfile filename][--secure|-s][--instance instance_name] acl_ID Gets the access control lists associated with the named server instance.. OPTIONS
--user administrative user associated for the instance. --password administrative password corresponding to the administrative user. --host host name of the machine hosting the administrative instance. --port administrative port number associated with the administrative host. --secure indicates communication with the administrative instance in secured mode. --passwordfile file containing passwords appropriate for the command (e.g., administrative instance). --instance name of the instance. OPERANDS
acl_ID internal name for the ACL file listing. This ID is used in a virtual server element to define the ACL file used by the virtual server. Example 1: Using delete-acl asadmin> delete-acl --user admin --password adminadmin --host fuyako --port 7070 --instance server1 sampleACL Deleted ACL with id = sampleACL Where: sampleACL is the ACL that is deleted. EXIT STATUS
0 command executed successfully 1 error in executing the command INTERFACE EQUIVALENT
Access Control List page asadmin-create-acl(1AS), asadmin-list-acl(1AS) J2EE 1.4 SDK March 2004 asadmin-delete-acl(1AS)