filesystem permissions using dump on live filesystem

Garance A Drosihn drosih at rpi.edu
Mon Feb 23 21:32:13 PST 2004


At 11:47 PM -0500 2/23/04, Aaron Peterson wrote:
>> i put a user in the operator group in /etc/group:
>
>-snip-
>
>> and attempted to dump a live filesystem:
>
>-snip-
>
>> what am i missing here?
>
>nevermind.  i had to log out and log back in.  that solved my
>problems.   now my only question is why does one have to log
>out and log in for addition to a new group to take effect?

It is expected that the list of groups that you are a member of
will not change very frequently.  Thus, the list of your groups
is computed at login time, and is kept in memory.

If this was not done, then *anything* which checked your groups
for access (such as reading a file) would have to read through
all of /etc/group to re-calculate that list of groups.  Now, it
would be easy enough to optimize that simple case (on a machine
using just /etc/group), but there is no simple optimization on
machines which are using something like NIS+ or other network
directory services to hold the group information.

If we really really had to, we could implement something that
did that job acceptably well, but it's much easier to just
tell people "log out, and log back in".  Or don't even logout,
just 'ssh -l localhost' and start a new session.

-- 
Garance Alistair Drosehn            =   gad at gilead.netel.rpi.edu
Senior Systems Programmer           or  gad at freebsd.org
Rensselaer Polytechnic Institute    or  drosih at rpi.edu
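
Added example, not part of the original message: a Python sketch that compares the group list held in a running process's credentials with a fresh lookup in the group database, which is the gap described above. The function names and sample GIDs are constructed for illustration; the same comparison also shows groups that were removed from the database but are still held by the running session.

```python
import os
import pwd


def compare_groups(process_gids, database_gids):
    """Return (pending, stale) as sorted lists of GIDs.

    pending: in the group database but not in the process credentials
             (added since login; needs a new session to take effect).
    stale:   in the process credentials but no longer in the database
             (removed since login; the session still holds it).
    """
    proc, db = set(process_gids), set(database_gids)
    return sorted(db - proc), sorted(proc - db)


def live_snapshot():
    """Collect both views for the user running this process."""
    entry = pwd.getpwuid(os.getuid())
    # Credentials fixed when the session started: primary plus supplementary.
    process_gids = set(os.getgroups()) | {os.getgid()}
    # Fresh lookup through /etc/group or the configured directory service.
    database_gids = set(os.getgrouplist(entry.pw_name, entry.pw_gid))
    return entry.pw_name, process_gids, database_gids


# Constructed sample: GID 5 was added to the database after login,
# GID 68 was removed from it after login.
SAMPLE_PROCESS = [1001, 0, 68]
SAMPLE_DATABASE = [1001, 0, 5]

if __name__ == "__main__":
    print("sample:", compare_groups(SAMPLE_PROCESS, SAMPLE_DATABASE))
    user, proc, db = live_snapshot()
    pending, stale = compare_groups(proc, db)
    print(f"{user}: pending={pending} stale={stale}")
```

A non-empty "stale" list matters when revoking access: sessions started before the change keep the old group until they end.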

