Re: Exporting UID to userspace?

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Mike Waychison <Michael.Waychison@Sun.COM>
To: "Dimitry V. Ketov" <Dimitry.Ketov@avalon.ru>
Cc: autofs@linux.kernel.org
Subject: Re: Exporting UID to userspace?
Date: Thu, 10 Jun 2004 12:59:45 -0400	[thread overview]
Message-ID: <40C89381.2060002@sun.com> (raw)
In-Reply-To: <E1B7C89B8DCB084C809A22D7FEB90B3841AD@frodo.avalon.ru>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dimitry V. Ketov wrote:
>>-----Original Message-----
>>From: Mike Waychison [mailto:Michael.Waychison@Sun.COM]
>
>
>>>>>>If the idea is to have a 'Network Neighborhood' inside
>>>>
>>>>each user's
>>>>
>>>>>>>homedir, you could write an executable map for /home
>>>>>>
>>>>>>It will hide /home directory content.
>>>>>
>>>>>No. It wouldn't presuming that your /home subdirs are automounted.
>>>
>>>
>>>What if my home dirs is not automounted from network server? I just
>>>simply want it for local users.
>>>
>>
>>Well, in that case you'd have to use direct mounts (which
>>don't work as expected in automount4).  Alternatively, you can always
>>
>>mkdir /export
>>mv /home /export
>>
>>And start automounting your home directories from localhost.   Don't
>>worry, automount will detect it being local and will not use
>>NFS, rather it will --bind mount the filesystems, so there is
>>no performance hit.
>
> ;) Yes, I thought about it, but it's rather ugly solution (as for me),
> then it's seems better to spawn new automount process for
> ~user/NetworkNeigboorhood at logon time and terminate it at logoff.
> This allows us to avoid UID/GID exporting problem at all, since it will
> be obvious which user's credetials to use for mount.
>
> Any objections?

Sure, you can have the mount installed at login time using pam or
similar. However, note that you'll have to verify that it works for all
login methods (desktop / telnet / ssh / ...).  Also, I don't know off
hand if you can properly detect whether someone has logged out other
than by polling utmp with a daemon.

I still think having all the homedir's automounted is a simpler
approach, even if they reside locally, if only because:

- - it will make adding users with homedir's in other places easier in the
long run.
- - all the expiry stuff is handled for you already.

It's up to you how you set it up in the end.

- --
Mike Waychison
Sun Microsystems, Inc.
1 (650) 352-5299 voice
1 (416) 202-8336 voice
mailto: Michael.Waychison@Sun.COM
http://www.sun.com

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTICE:  The opinions expressed in this email are held by me,
and may not represent the views of Sun Microsystems, Inc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAyJOBdQs4kOxk3/MRAsdyAJ9Dte6QQbTZGczArGHCmZ6lGTfgpQCfSAaL
6gzr/hqZtIzI5e8u/0KYYRk=
=dEOW
-----END PGP SIGNATURE-----

next prev parent reply	other threads:[~2004-06-10 16:59 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-06-10 16:14 Exporting UID to userspace? Dimitry V. Ketov
2004-06-10 16:59 ` Mike Waychison [this message]
  -- strict thread matches above, loose matches on Subject: below --
2004-06-10 14:55 Dimitry V. Ketov
2004-06-10 15:54 ` Mike Waychison
2004-06-09 18:10 Dimitry V. Ketov
2004-06-09 18:44 ` Mike Waychison
2004-06-10  1:13   ` Ian Kent
2004-06-08 17:47 Dimitry V. Ketov
2004-06-08 18:20 ` Robin Rosenberg
2004-06-07 12:45 Dimitry V. Ketov
2004-06-07 16:06 ` Mike Waychison
2004-06-07 22:53   ` Robin Rosenberg
2004-06-07 12:38 Dimitry V. Ketov
2004-06-08  1:15 ` Ian Kent
2004-06-08 13:12   ` Brian Long
2004-06-08 16:28     ` raven
2004-06-08 18:45       ` Mike Waychison
2004-06-05 14:00 Dimitry V. Ketov
2004-06-05 15:47 ` raven
2004-06-05 15:52   ` raven
2004-06-05 17:11     ` Robin Rosenberg
2004-06-05 17:49       ` Ian Kent
2004-06-05 20:13         ` Robin Rosenberg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=40C89381.2060002@sun.com \
    --to=michael.waychison@sun.com \
    --cc=Dimitry.Ketov@avalon.ru \
    --cc=autofs@linux.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.