[clue-tech] Groups in groups? -- IMPOSSIBLE (?)
mike havlicek
mhavlicek1 at yahoo.com
Tue Jan 17 01:15:20 MST 2006
--- Angelo Bertolli <angelo at freeshell.org> wrote:
> William wrote:
>
> > William wrote:
> >
> >> I'm still turning up nil on Google (I even tried
> Ask Jeeves).
> >
> >
> > I finally found something (heartbreaking):
> > http://www.list.gmu.edu/confrnc/nissc/n98unix.pdf
> >
> > Unfortunately, this says, "Unix notably lacks a
> facility for including
> > one group in another."
> >
> > Does anyone know for sure whether group-in-group
> capability has been
> > added since the writing of this document? In the
> reading, it is
> > evident that I'm not the only person who thinks
> it's a good idea.
>
> Found it here too:
>
http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/groupmapping.html
>
> " UNIX/Linux has no concept of support for nested
> groups"
> _______________________________________________
> CLUE-tech mailing list
> CLUE-tech at cluedenver.org
> http://cluedenver.org/mailman/listinfo/clue-tech
>
I like the logic and set notation used in the
referenced paper...
Makes me kinda wonder.
The point is that of course the suggested structure of
/etc/group doesn't work. Look at /usr/include/grp.h.
The pointer **gr_mem is clearly defined to point to
user names. I suspect that this is tied to
/usr/include/pwd.h but don't care enough to trace
system calls anymore.
Other alternitives are NIS (aka Yellow Pages) or LDAP
or perhaps kerberos and PAM. The assigning of roles
was a strong point of VMS-->Windows.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
CLUE-tech mailing list
CLUE-tech at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list