[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: rsync [was Re: 10.4.9 just hit the streets]

Subject: Re: rsync [was Re: 10.4.9 just hit the streets]
From: Dan Shoop <email@hidden>
Date: Fri, 16 Mar 2007 17:37:47 -0400
Delivered-to: email@hidden
Delivered-to: email@hidden

At 5:24 PM +0100 3/16/07, Axel Luttgens wrote:

On 15/03/07 13:15, Giuliano Gavazzi wrote:
[...] but when transferred back to the original machine the ACL is fine again.. so that's not so bad...

I wonder, does this mean that ACLs are stored in a machine dependent way??
AFAIK, the general principle is:
   - an ACL is bound to an UUID, not a name, or a UID, or a GID
   - when an UUID is generated for an object (user, group...), that
     UUID is (should be) unique throughout time and space


Correct.

Note that the ACL I used is:
0: user:root allow read
and root is always uid 0.
Assuming you have to boxes on which root has been assigned an UUID, root on box A is not root on box B, even if they both have the same name/UID.


I thought I said this before, but I guess it was missed.

Glad that someone else is repeating it to, maybe it will have more weight ;)

Now, the root user will not always have an UUID. This is for example the case on a OS X client on which root has never been activated and/or never logged in. In such a case, it seems that a temporary UUID will be associated to root: FFFFEEEE-DDDD-CCCC-BBBB-AAAA00000000 More generally, every user without an explicit UUID will have FFFFEEEE-DDDD-CCCC-BBBB-AAAAuuuuuuuu as a temporary UUID, where uuuuuuuu is the user's UID. In such cases, users on differing boxes may share a same (pseudo-)UUID and thus have "portable" ACLs.

Never noticed that, then again I can't recall the last time I touched a box w/o root. --

-dhan

------------------------------------------------------------------------
Dan Shoop                                                   AIM: iWiring
Systems & Networks Architect                      http://www.ustsvs.com/
email@hidden                                http://www.iwiring.net/
1-714-363-1174

"The wise man doesn't give the right answers, he poses the right
questions." -- Claude Levi-Strauss

------------------------------------------------------------------------

iWiring provides systems and networks support for Mac OS X, unix, and
Open Source application technologies at affordable rates.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden

References:
	>10.4.9 just hit the streets (From: Philip Ershler <email@hidden>)
	>Re: 10.4.9 just hit the streets (From: Guillaume Gete <email@hidden>)
	>rsync [was Re: 10.4.9 just hit the streets] (From: Dan Shoop <email@hidden>)
	>Re: rsync [was Re: 10.4.9 just hit the streets] (From: Gustavo Beathyate <email@hidden>)
	>Re: rsync [was Re: 10.4.9 just hit the streets] (From: Giuliano Gavazzi <email@hidden>)
	>Re: rsync [was Re: 10.4.9 just hit the streets] (From: Giuliano Gavazzi <email@hidden>)
	>Re: rsync [was Re: 10.4.9 just hit the streets] (From: Axel Luttgens <email@hidden>)

Prev by Date: Re: 10.4.9 hangs: / is disabled?
Next by Date: Re: rsync [was Re: 10.4.9 just hit the streets]
Previous by thread: Re: rsync [was Re: 10.4.9 just hit the streets]
Next by thread: Re: rsync [was Re: 10.4.9 just hit the streets]
Index(es):
- Date
- Thread

Home