Incorrect Permission Update?

Willi Langenberger wlang at wu-wien.ac.at
Sun Sep 24 00:09:57 CEST 2000 

Hi Arla-drinkers!

It seems that under some conditions (without a PAG) arla doesn't
update the access permissions properly. Here is what i observed
(Redhat 6.1/6.2, arla-0.33/0.34.3):

It's about a directory with following permissions:

  # fs la /afs/wu-wien.ac.at/home
  Access list for /afs/wu-wien.ac.at/home is
  Normal rights:
    system:administrators rlidwka
    system:authuser rlk

First, let's start a new arla world:

  # /etc/rc.d/init.d/arla stop
  # /etc/rc.d/init.d/arla start          (arlad with -z)

We have *no* PAG (and no token):

  # groups
  root bin daemon sys adm disk

We try the above directory:

  # ls /afs/wu-wien.ac.at/home
  ls: /afs/wu-wien.ac.at/home: Permission denied

Thats ok, since we have no token yet and /afs/wu-wien.ac.at/home has
read permissions only for at least "system:authuser".  So let's get a
token and try again:

  # klog wlang
  wlang at wu-wien.ac.at's Password: ********
  # ls /afs/wu-wien.ac.at/home
  ls: /afs/wu-wien.ac.at/home: Permission denied

Strange. With the above token we should have the permission to see the
files in "home". Interesstingly, this (second) call to "ls" doesn't
genereate any afs network traffic.

Other experiments:

If we get the token *before* the first call to "ls", it works as
expected:

  # /etc/rc.d/init.d/arla stop
  # /etc/rc.d/init.d/arla start
  # klog wlang
  wlang at wu-wien.ac.at's Password: ********
  # ls /afs/wu-wien.ac.at/home
  absatz   bwlstl    h00b  h93   h98c      iwwmf     rektorat  tourism   vw5
  [...]

If we have a PAG, it also works in the first variant:

  # /etc/rc.d/init.d/arla stop
  # /etc/rc.d/init.d/arla start

  # ls /afs/wu-wien.ac.at/home
  ls: /afs/wu-wien.ac.at/home: Permission denied

  # groups
  root 33536 32512 bin daemon sys adm disk

  # klog wlang
  wlang at wu-wien.ac.at's Password: *******

  # ls /afs/wu-wien.ac.at/home
  absatz   bwlstl    h00b  h93   h98c      iwwmf     rektorat  tourism   vw5
  [...]


Cheers,


\wlang{}

-- 
Willi.Langenberger at wu-wien.ac.at                 Fax: +43/1/31336/702
Zentrum fuer Informatikdienste, Wirtschaftsuniversitaet Wien, Austria

More information about the Arla-drinkers mailing list