On Mon, Jun 20, 2005 at 10:21:07AM +0200, Dirk Heinrichs wrote: > Am Montag, 20. Juni 2005 08:49 schrieb ext Christophe BERNARD: > > > I was wondering if there exists a tool like slocate which can run on > > openafs partitions. > > In most standard installations of slocate, indexing any network filesystems > is just switched off in the configuration file. > > Just edit /etc/updatedb.conf and remove "afs" from the PRUNEFS variable, > then run updatedb. > > However, it may be a good idea to recompile slocate so that it puts it's > database into AFS. This way, updatedb can be run on one machine, but the > database can be accessed from all clients.
It isn't as simple as that. First, don't just remove afs from PRUNEFS if you are using a global CellServDB, or else you will try to index the entire global AFS space. Not what you want to do. Presumably it shouldn't be too tough to restrict updatedb to doing only your cell. The other tricky thing that comes to mind is that on a normal local filesystem, updatedb runs as root, and can read everything. then when a user runs slocate, it checks file permissions to make sure that you have read access to a file before it displays it to you (so other users cannot see the names of your files). To duplicate this behavior under AFS may require modifying slocate to understand ACLs, and would require running the updatedb process with afs system administrator access. Finally, slocate assumes that only the slocate binary (or anything setgid to slocate's group) can read the database (again, so people can't see what file names other people have). If you want to assure that behavior continues you'll need to figure out how to give slocate access to a directory containing the database without giving the user running it that access. Which I think is possible but my brain is a little slow this morning so i can't think of how. if you just want a "locate" and not a "secure locate" it should be good enough to index everything with system admin access, and make the database readable by everyone. danno -- dan pritts - systems administrator - internet2 734/352-4953 office 734/834-7224 mobile _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info