A.4. Permissions
Xsan volumes appear, to the client, as local storage. Therefore, when a file or folder is created on a volume, POSIX permissions will be assigned it based on the umask of the client user. Ownership of the files and folders will be tracked by the UID on the local system of the user who created them. A common practice in Xsan environments is to change the default umask of the client systems to 002, which will grant read and write access to owner and group, and read-only for all others. Managing permissions using only local user accounts and POSIX permissions can be very difficult. Many administrators will use Open Directory to manage users and groups, and Access Control Lists (ACLs) to manage permissions on files.
ACLs greatly ...
Get Enterprise Mac Security: Mac OS X Snow Leopard now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
