 |
 |
Hi Patrick, So, the answer to the first question is that if two rules can apply to the same person then the most restrictive rule is used. Andy -----Original Message----- From: Patrick McGuigan Sent: Thursday, May 19, 2011 3:37 PM To: xrootd-l Subject: Re: auth_file precedence Hello, I discovered the answer to the second question myself, as the xrootd daemon will not start if there are multiple identifiers in the authentication DB file. Patrick On 05/18/2011 06:21 PM, Patrick McGuigan wrote: > Hello, > > I am playing around with some privileges in an authdb file when using the > unix security > protocol and I have some questions as to precedence of entries in the > file. > > In the example of fungible paths, an example is given with: > u * /xrd lr > u = /xrd/users/@=/ a > > but in the header of the section there is a line that mentions: > "The privileges associated with first prefix that matches an incoming path > name are > considered to be the applicable privileges." > > Assuming that user bob want to write a file at /xrd/user/bob/somefile, why > is it that the > second rule is used, rather than the first, since /xrd is a prefix that > matches? > > Additionally, can the same identifier be used multiple times? > > u bob /some/path lr > u bob /some/path/additional a > > or cant this only be done as: > u bob /some/path/additional a /some/path lr > > > Regards, > > Patrick