[5474] in Release_7.7_team
attach in 9.9
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Jun 2 18:04:32 2006
Date: Fri, 2 Jun 2006 18:03:46 -0400
Message-Id: <200606022203.k52M3kGf014901@egyptian-gods.mit.edu>
From: Greg Hudson <ghudson@MIT.EDU>
To: release-team@MIT.EDU
X-Spam-Score: 1.217
X-Spam-Level: * (1.217)
X-Spam-Flag: NO
I've pulled athena/bin/attach, athena/bin/quota, and athena/lib/locker
into the 9.9 source tree and started hacking on them. I've realized
I'm not quite sure what features we want to preserve and what we want
to get rid of.
Obviously attach won't be performing the actual mount, so the options
which control how or where the mount is performed must be desupported
(--explicit, --mountpoint, --setuid, etc.). On the other side,
--printpath and -Padd definitely need to work.
That leaves a misty gray area containing:
* Authentication: we could strip this functionality out and just
rely on pam_krb5 to authenticate to the cells most lockers are in;
users could still explicitly aklog to other cells. Or we could
leave it in and let people attach or add lockers to authenticate
to them. (That would also preserve the NFS authentication
functionality, which could be considered a good thing or a bad
thing.)
* Zephyr subscriptions: attaching a locker could still subscribe to
filsrv messages for that locker's server. I don't know if ops
still relies on the ability to send filsrv messages, or how
important it is to them.
* The attachtab file: explicitly attaching a locker could keep
records in the system attachtab like it currently does, allowing
us to preserve (sort of) the listing functionality of "attach"
with no arguments or with the --host argument. An attractive
aspect of removing this functionality is that it allows us to
clear the setuid bit. One alternative to maintaining the system
attachtab is adding a user-specific list of explicitly attached
lockers somewhere.
* zinit: The current functionality of zinit relies on both of the
previous two features. If attachtab functionality is removed but
zephyr subscription functionality remains, zinit could get subs
for just the homedir, but that would miss lockers attached in
.environment, so it's not very satifsying.
Any opinions?
