On Fri, 6 Nov 2009, James Andrewartha wrote:
> How about attacking it the other way? Sign the SCA, get a sponsor and put
> the fix into OpenSolaris, then sustaining just have to backport it.
> http://hub.opensolaris.org/bin/view/Main/participate
Do you mean the samba bug or the NFS bug?
For the
On Nov 6, 2009, at 11:23 PM, "Paul B. Henson" wrote:
NFSv3 gss:
damien cfservd # mount -o sec=krb5p ike.unx.csupomona.edu:/export/
user/henson /mnt
hen...@damien /mnt/sgid_test $ ls -ld
drwx--s--x+ 2 henson iit 2 Nov 6 20:14 .
hen...@damien /mnt/sgid_test $ mkdir gss
hen...@damien /mnt/
On Thu, 5 Nov 2009, Miles Nordin wrote:
> allowing the first local patch into your site? or you are running a
> closed-source release where you have to roll over and beg for support?
We're running Solaris 10. It does seem like I spend an undue amount of time
lately dealing with Sun support, I hav
> "pbh" == Paul B Henson writes:
pbh> I've got a cron job running every hour on the backend servers
pbh> crawling around and fixing permissions on new directories :(.
To my view, if there's a problem it's first with the build system,
second with NFS. You can fix Solaris to do what you
On Tue, 3 Nov 2009, Ross Walker wrote:
> Maybe this isn't an interoperability fix, but a security fix as it allows
> non-Sun clients to bypass security restrictions placed on a sgid
> protected directory tree because it doesn't properly test the existence
> of that bit upon file creation.
>
> If a
On Nov 2, 2009, at 2:38 PM, "Paul B. Henson" wrote:
On Sat, 31 Oct 2009, Al Hopper wrote:
Kudos to you - nice technical analysis and presentation, Keep
lobbying
your point of view - I think interoperability should win out if it
comes
down to an arbitrary decision.
Thanks; but so far tha
On Sat, 31 Oct 2009, Al Hopper wrote:
> Kudos to you - nice technical analysis and presentation, Keep lobbying
> your point of view - I think interoperability should win out if it comes
> down to an arbitrary decision.
Thanks; but so far that doesn't look promising. Right now I've got a cron
job
On Thu, 29 Oct 2009 casper@sun.com wrote:
> Do you have the complete NFS trace output? My reading of the source code
> says that the file will be created with the proper gid so I am actually
> believing that the client "over corrects" the attributes after creating
> the file/directory.
Just
On Thu, Oct 29, 2009 at 8:52 PM, Paul B. Henson wrote:
> On Thu, 29 Oct 2009 casper@sun.com wrote:
>
> > Do you have the complete NFS trace output? My reading of the source code
> > says that the file will be created with the proper gid so I am actually
> > believing that the client "over co
On Fri, 30 Oct 2009, Darren J Moffat wrote:
> Have you tried using different values for the per dataset aclinherit or
> aclmode properties ?
We have aclmode set to passthrough and aclinherit to passthrough-x (thanks
again Mark!). We haven't tried anything else.
> I'm not sure they will help you
Paul B. Henson wrote:
I posted a little while back about a problem we are having where when a
new directory gets created over NFS on a Solaris NFS server from a Linux
NFS client, the new directory group ownership is that of the primary group
of the process, even if the parent directory has the sg
On Thu, 29 Oct 2009 casper@sun.com wrote:
> Do you have the complete NFS trace output? My reading of the source code
> says that the file will be created with the proper gid so I am actually
> believing that the client "over corrects" the attributes after creating
> the file/directory.
I dug
On Thu, 29 Oct 2009 casper@sun.com wrote:
> Do you have the complete NFS trace output? My reading of the source code
> says that the file will be created with the proper gid so I am actually
> believing that the client "over corrects" the attributes after creating
> the file/directory.
Yes,
>I posted a little while back about a problem we are having where when a
>new directory gets created over NFS on a Solaris NFS server from a Linux
>NFS client, the new directory group ownership is that of the primary group
>of the process, even if the parent directory has the sgid bit set and is
I posted a little while back about a problem we are having where when a
new directory gets created over NFS on a Solaris NFS server from a Linux
NFS client, the new directory group ownership is that of the primary group
of the process, even if the parent directory has the sgid bit set and is
owned
15 matches
Mail list logo
