On Wed, Oct 19, 2005 at 08:08:21AM -0700, Phil Nelson wrote:
> in that realm.   As I understand it, you can't even "cross mount" a
> volume from servers for one realm into another realm's tree.

I would hope so but I am not sure.
A freedom of such kind is IMHO very harmful as it opens wider a can of worms,
including e.g. bypassing access limitations, set in higher lever directories.

Another implication is that it can not be done consistently when
the mountpoint and the volume belong to different administration domains.

We definitely have both problems as anyone can try to mount any volume
inside a realm, but at least "inside a realm" implies "inside the same
administration domain".

I'd suggest creation of "custom" mountpoints (not corresponding to
a volume that is called the same as the mountpoint path!) being limited
(by a special bit in acls?) to realm administrators,
that is to the same personality who is allowed to manage volumes.

Then we do not loose functionality, but get rid of both problems above.

Unfortunately, that is most probably not trivial to add that limitation.

Regards,
--
Ivan