Hi, yesterday I'm running in an (old) problem - with unionfs I get the same effect in the following szenario:
- Samba is installed on a live cdrom for authentication of squid against an active directory. - the critical point is the directory /var/lib/samba/winbindd_privileged. It is on the readonly branch (cdrom) and with the following permissions: drwxr-x--- 2 root root 4096 May 15 20:06 winbindd_privileged - Calling ntlm_auth (for AD authentication) from squid needs drwxr-x--- 2 root proxy so I only changed the group ownership and restarted all relevant processes. It won't work. I don't know why, but squid seems to get always the group ownership from the read only branch. Starting ntlm_auth with su -c works as expected (may be there is a difference between real and effective group id - but this should not occur). For a workaround I moved winbindd_privileged to winbindd_privileged.x and created a new directory winbindd_privileged with correct group ownership. Now it works. I believe renaming this way was not possible with unionfs ;-) Did the aufs code differentiate between effective and real user/group ownership? Or is changing permissions of the read only layer a problem in general? -> aufs 20070514 with the latest patch (manually added) we discussed to days ago, kernel 2.6.21.1 <- Wolfgang -- <wob (at) swobspace de> * http://www.swobspace.de ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/