On Nov 12, 2011, at 12:58 AM, Ian Stokes-Rees wrote:

> That is a great post, and I'll forward it to Peter who I'm sure will be
> interested. Unfortunately the last paragraph or two describe that even with
> rpc.mountd there is a limit of ~150-200 groups. We'd already be hitting that
> limit with our current system. I need to at least be able to support 2000
> users, and ideally 10k to 100k.

Yikes. I see a management nightmare in your future trying to handle this scenario with ACLs.

> I think the chmod u+t,g+t approach is currently the most promising,

I'm confused: +t adds the sticky bit, which means users in a shared directory can only delete their own files/dirs. There's no user/group context to the sticky bit. If you mean u+s,g+s (SUID, SGID), I'm not sure that SUID on directories does what you think it does. I'm pretty sure on Linux it's ignored. Someone correct me if I'm wrong.

Do your users need shell access or just SSH-based access _to their files_? Modern OpenSSH allows for SFTP-only chroot, which might be a good option unless the users need to be able to execute arbitrary commands.

~irl
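
Added example, not part of the original thread: a small Python model of how Linux (with default mount options) treats the sticky, setgid and setuid bits on a directory, the semantics the message above is asking about. The function names and the uid/gid values are constructed for illustration; root is modelled as uid 0, and the caller is assumed to already have write and search permission on the directory.

```python
import stat

def may_unlink(dir_mode, dir_uid, file_uid, caller_uid):
    """Restricted-deletion rule for a caller who can already write to the directory."""
    if not dir_mode & stat.S_ISVTX:
        return True  # no sticky bit: write access to the directory is enough
    # Sticky bit set: only the file's owner, the directory's owner, or root
    # (modelled as uid 0; the kernel checks CAP_FOWNER) may remove or rename
    # the entry. The bit is a single flag with no user/group variants.
    return caller_uid in (0, file_uid, dir_uid)

def new_entry_owner(dir_mode, dir_gid, caller_uid, caller_gid, is_dir=False):
    """Return (uid, gid, inherited_bits) for an entry created in the directory."""
    uid = caller_uid  # S_ISUID on a directory is ignored: owner is always the creator
    if dir_mode & stat.S_ISGID:
        # setgid directory: the new entry takes the directory's group, and a new
        # subdirectory also inherits S_ISGID so the behaviour propagates.
        return uid, dir_gid, (stat.S_ISGID if is_dir else 0)
    return uid, caller_gid, 0

def demo():
    """Run the model over constructed directories and users."""
    shared_tmp = stat.S_IFDIR | 0o1777   # world-writable with sticky bit, like /tmp
    project = stat.S_IFDIR | 0o2775      # setgid project directory, group 600
    suid_dir = stat.S_IFDIR | 0o4775     # setuid on a directory
    alice, bob = 1001, 1002              # constructed uids
    return {
        "bob deletes alice's file in sticky dir": may_unlink(shared_tmp, 0, alice, bob),
        "alice deletes her own file in sticky dir": may_unlink(shared_tmp, 0, alice, alice),
        "file created in setgid dir": new_entry_owner(project, 600, alice, alice),
        "subdir created in setgid dir": new_entry_owner(project, 600, alice, alice, True),
        "file created in setuid dir": new_entry_owner(suid_dir, 600, alice, alice),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```
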
