[Nautilus-list] AFS Support in Nautilus ramblings

[Thomas Cherryhomes <thomasc apogeemm com>]

Hey All.

I know I've been quiet lately, but I have been working like crazy on
implimenting our company's infrastructure. 

About a month ago, I was searching for an effective way to merge our
company's disparate offices into one coherent filesystem. 

That's when I found OpenAFS. (http://www.openafs.org/)

I had heard of AFS for years, but thought that it was an expensive
commercial product. With the release of AFS as OpenAFS under an open
license, I decided to give this filesystem a try.

For those who don't know. AFS provides an internet-wide filesystem with
the following features:

All network volumes mounted in one tree... "/afs"

All volume mapping is centralized and done by the administrator on the
server side. 

Volumes can reside on any server...even servers outside your AFS cell. 
this doesn't affect the way the user sees it, if a volume moves to
another server, the path to that file isn't affected. 

A form of Kerberos 4 is used for Authentication, although Kerberos 5 CAN
be used with a little administrative effort in setting up.

etc...etc...etc...

Currently, Nautilus 'works' with AFS, because it sees it as just another
directory. However there are a couple of quirks I've noticed....

AFS DOES NOT use the standard UNIX permissions..They are recorded, but
they are almost always ignored. This goes for file ownership as well, so

* If you don't own a file, and the UNIX write bits are not set, Nautilus
will think the file is "locked". 

* because you have fine grained ACL's.. YOU DON'T HAVE TO OWN A FILE TO
BE ABLE TO CHANGE PERMISSIONS.

* traditional unix uid/gid's don't mean diddly-squat. 

In short, the only way to get the real skinny on a file is to consult
the AFS file server and ask about the protection of a file (accessing
the protection database). 

Also, if you have AFS cells that are outside your LAN, stat'ing them can
be extremely painful. (try browsing into /afs with the athena.mit.edu
cell mounted!!!) Network latency can kill the first time files are
accessed via AFS (i.e. they haven't gone into either the stat/file or
directory caches). Can we delay stat'ing for such filesystems?

One thing that I have noticed with Transarc's wonderful Windows clients
(both the Win9x and WinNT/W2K clients) is the integration of the AFS
utilities into the file manager. I can right click on a file/directory
inside AFS and get/set any AFS specific information (ACLs, Ownership,
volume mounting if I have admin permissions etc)... I would like to add
such functionality into Nautilus, but am unsure as to the route I should
take......I see two options.....

1. Do what Transarc/OpenAFS does and make a separate AFS-> menu which
contains the AFS specific stuff, or...

2. try to merge it in with the existing Nautilus Permissions window,
this would be better for sure from a user interface standpoint. Much
more consisitent, IMHO....

Any ideas??

Anyway, I would like to see Nautilus definitely become AFS aware. AFS
has helped our company immensely by providing a cohesive network
filesystem on which to run every one of our workstations, servers,
etc...

Cheers,
Thomas Cherryhomes - V.P. Research and Development

OpenMINDS Research and Development Inc.
Dallas, TX 75201
(866)-752-4578