It seems that unauthenticated clients do not have the permissions that they should have. I want unauthenticated users to be able to do an ls in the root dir of the realm. It seems I must be missing something, but a search of the mail archives and documentation has so far been fruitless.
My understanding was that the System:AnyUser group determines
permissions for unauthenticated users, yet look at the following:
# cfs la /coda/myrealm
System:AnyUser rl
System:Administrators rlidwka
# ctokens
Tokens held by the Cache Manager for root:
@myrealm
Not Authenticated
# ls /coda/myrealm
ls: /coda/myrealm/: Permission denied
If I authenticate as a user, I can view everything properly. So it
seems that the unauthenticated user isn't being associated with
System:AnyUser. pdbtool list has this (I've cut some things out):
USER System
* id: 1
* belongs to groups: [ -2 ]
* cps: [ -2 1 ]
* owns groups: [ -2 ]
GROUP System:AnyUser OWNED BY System
* id: -2
* owner id: 1
* belongs to no groups
* cps: [ -2 ]
* has members: [ 1 ]
GROUP System:Administrators OWNED BY codaroot
* id: -1
* owner id: 500
* belongs to no groups
* cps: [ -1 ]
* has members: [ 500 ]
Does System:AnyUser or System need a magic id number? Or do I need a
special user account? I was trying to see what you did at
coda.cs.cmu.edu to make this work, but I'm unable to do more than a `cfs
la` and that looks identical to mine.
Anyone have any thoughts? I'm sure this has been covered in the
mailing list, but I'm just having a hard time finding it. Believe me,
I've tried.
This is using coda 6.0.8.
Thanks,
--
Patrick Walsh
eSoft Incorporated
303.444.1600 x3350
http://www.esoft.com/
signature.asc
Description: This is a digitally signed message part
