[70] in DCNS Development
permit command
daemon@ATHENA.MIT.EDU (roden@ATHENA.MIT.EDU)
Wed Jul 17 17:00:47 1991
From: roden@ATHENA.MIT.EDU
To: developers@ATHENA.MIT.EDU
Cc: nschmidt@ATHENA.MIT.EDU
Date: Wed, 17 Jul 91 16:58:38 EDT
------- Forwarded Message
Received: by ATHENA-PO-1.MIT.EDU (5.45/4.7) id AA12492; Wed, 17 Jul 91 16:41:28 EDT
Received: from TOTO.MIT.EDU by MIT.EDU with SMTP
id AA21127; Wed, 17 Jul 91 16:41:10 EDT
Received: by Toto.MIT.EDU (5.61/4.7) id AA11233; Wed, 17 Jul 91 16:39:37 -0400
Date: Wed, 17 Jul 91 16:39:37 -0400
Message-Id: <9107172039.AA11233@Toto.MIT.EDU>
From: Mark Rosenstein <mar@MIT.EDU>
Sender: mar@MIT.EDU
To: release-73@MIT.EDU
Subject: permit command
This is my proposal for a "permit" command. It would solve a number
of problems in the NFS->AFS migration:
* users shouldn't need to know AFS is different
* fs is not friendly enough
* chmod/chgrp/chown need to work recursively with ACLS
* make_readable needs to work with AFS
Permit would be able to:
* change file/directory permissions
* change file/directory ownership
* change AFS acls
* display accessibility
* work recursively
* remember what it does for later undo
Here's a proposed spec. The following syntax is available on the unix
command line. Syntax:
permit who [option] command files
read
world recursive execute
permit [deny] group [groupname] checkpoint [file] write filename...
user [username] undo [file] show
owner
The groupname and username would default to the name of the user
executing the command. The checkpoint file would default to
/tmp/permit.ckp.
Examples:
permit world read ~
makes the user's home directory world readable
permit group 16.001 write ps-1 ps-2 ps-3
makes the three files ps-1, ps-2, and ps-3 each writable by
the members of group 16.001. This may require a chgrp & chmod
in NFS or adding an acl in AFS. If doing this also changes
the accessibility of other files, permit will print warnings
about this.
permit deny world execute vaxbin/*
makes sure that the whole world cannot execute the programs in
vaxbin.
permit world recursive read /mit/foo/src
makes the directory /mit/foo/src and everything under it world
readable.
permit user mar owner foo.bar
Changes the ownership of file foo.bar to user mar.
permit group sysdev recursive owner /source
Changes the group ownership of /source and everything
underneath it to sysdev.
permit show ~
displays the accessiblity of the user's home directory
permit user carla recursive checkpoint /tmp/foo readable /mit/project
makes /mit/project and everything under it readable by carla,
and saves in /tmp/foo a list of what it has done.
permit undo /tmp/foo
undoes everything the previous example did
I see this taking about 1 week to write, although shaking out all of
the bugs could take several more weeks.
-Mark
------- End of Forwarded Message
