From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <2e0ad0b6969180f7dcdbd609aa3f5bbf@plan9.bell-labs.com> From: presotto@plan9.bell-labs.com To: 9fans@cse.psu.edu Subject: Re: [9fans] secstore MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="upas-xlxzsykwvcgmoenwjdruudtjxt" Date: Wed, 15 May 2002 08:17:40 -0400 Topicbox-Message-UUID: 929b4dca-eaca-11e9-9e20-41e7f4b1d025 This is a multi-part message in MIME format. --upas-xlxzsykwvcgmoenwjdruudtjxt Content-Disposition: inline Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit I'ld do the same thing for keyfs also, i.e., put /adm/keys and /adm/secsore on the kfs and not make them visible to most processes. You'll have to protect /srv/kfs and /srv/kfs.cmd also so that only the hostowner can open them. --upas-xlxzsykwvcgmoenwjdruudtjxt Content-Type: message/rfc822 Content-Disposition: inline Received: from plan9.cs.bell-labs.com ([135.104.9.2]) by plan9; Wed May 15 08:02:16 EDT 2002 Received: from mail.cse.psu.edu ([130.203.4.6]) by plan9; Wed May 15 08:02:15 EDT 2002 Received: from psuvax1.cse.psu.edu (psuvax1.cse.psu.edu [130.203.16.6]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id CA7E9199B7; Wed, 15 May 2002 08:02:09 -0400 (EDT) Delivered-To: 9fans@cse.psu.edu Received: from 9fs.org (cotswold.demon.co.uk [194.222.75.186]) by mail.cse.psu.edu (CSE Mail Server) with SMTP id A055D199BC for <9fans@cse.psu.edu>; Wed, 15 May 2002 08:00:59 -0400 (EDT) Message-ID: <80dc9d46780953d37104e05c11fbed0f@9fs.org> From: nigel@9fs.org To: 9fans@cse.psu.edu Subject: Re: [9fans] secstore MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Sender: 9fans-admin@cse.psu.edu Errors-To: 9fans-admin@cse.psu.edu X-BeenThere: 9fans@cse.psu.edu X-Mailman-Version: 2.0.9 Precedence: bulk Reply-To: 9fans@cse.psu.edu List-Id: Fans of the OS Plan 9 from Bell Labs <9fans.cse.psu.edu> List-Archive: Date: Wed, 15 May 2002 12:58:16 +0100 So a suitable solution for a combined cpu/auth server would be to use kfs and bind it over /adm/secstore for the secstored process only? I note that my cpu sever has a 15Gb disk which is only used for swap at the moment so I suppose I ought to make better use of it. --upas-xlxzsykwvcgmoenwjdruudtjxt--