private group administration

seth vidal skvidal at fedoraproject.org
Sat Oct 18 14:53:05 UTC 2008


On Sat, 2008-10-18 at 10:40 -0400, Colin Walters wrote:
> 2008/10/18 Till Maas <opensource at till.name>:
> > On Sat October 18 2008, Colin Walters wrote:
> >> On Fri, Oct 17, 2008 at 8:12 PM, Matthew Woehlke
> >>
> >> <mw_triad at users.sourceforge.net> wrote:
> >> > If 'chmod g+w file;chgrp foo file' is too much work then there should be
> >> > a command that can do both.
> >>
> >> Groups are broken.  Use access control lists: "man setfacl"
> >
> > ACLs inherit the brokenness of groups, e.g. it is not possible to enforce that
> > everything within a certain directory is owned by everyone of a group,
> 
> The point is with ACLs you don't need the files to have a specific
> ownership (user/group) as long as they have the right ACLs for access.
>  A good way to do this is to avoid groups entirely and just add the
> users you want individually.

If there are enough people working on a project this does not scale.

-sv





More information about the fedora-devel-list mailing list