[Freeipa-users] File user and group ownership listings...
Alexander Bokovoy
abokovoy at redhat.com
Thu May 19 07:11:46 UTC 2016
On Thu, 19 May 2016, Lachlan Musicman wrote:
>Now that groups are working as expected, we have noticed that when listing
>a directory the user and group now have full domain qualifiers.
>
>This doesn't look great. We've also noticed that we now need to
>
>chown :group at subdomain filename
>
>(with default_domain_suffix set).
>
>
>Is there a reason why when the group's name and ID is the same across both
>domains, it can't be considered the same group for file ownership reasons?
In POSIX systems user and group IDs are two different namespaces. We
force so-called private groups to have the same ID as the user to
simplify some of hard identity mapping problems between POSIX and
Windows environments. In Windows world security identifier (SID)
namespace is the same for all objects.
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list