-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday, 2016-04-11 at 08:06 +0200, Per Jessen wrote:
Carlos E. R. wrote:
Say, a backup admin. In Linux it has to be root.
It's not that you can't do it on Linux, it's simply that noone has put any (or enough) effort into developing a framework for managing and delegating permissions and such. You can actually do quite a lot with sudo, but yes, it's cumbersome.
Well, the way I think about it, we would need privileged UIDs. Think of a backup admin: he needs execute permissions on all directories, and read access on all files, and those permissions must be assigned by default to all new files and directories. In effect, he needs read access to all files owned by UID 0. Another, related, feature, is seen by the trick some do of creating another admin user with UID 0 besides root. These are very basic access, they need, I think, a core redesign of how Linux/Unix work. Some kind of delegated/effective UID 0, without being it, not needing to alter the permissions of files. No, I do not know how to do it, or being more precise. :-( Perhaps negative numbers, to flag that they are special. Then a structure listing what each of those UIDs can do. Like a list of directories to which they have superseding permissions. - -- Cheers, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlcLefcACgkQtTMYHG2NR9VnBwCgkgG2x5aBEIITLkSKnGZWPEm2 egoAn0UBX2tyMh4q0kYAbUqGcEAmtvYV =7odT -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org