Small
collection of afs commands:
Access to directories is controlled via acl's (access control
lists). To find out the acl of a directory
(e.g. the LPC web area) use the fs listacl command:
fs listacl
/afs/fnal.gov/files/expwww/uscms/html/LPC
results in listing all the groups that
have various rights to access the directory:
Access
list for /afs/fnal.gov/files/expwww/uscms/html/LPC is
Normal rights:
markl:uscms_lpc rlidwk
nicholls:uscms_org_users rlidwk
nicholls:wadmuscms rlidwka
lauram:expwwwadm rlidwka
system:administrators rlidwka
system:anyuser rl
Now
to check the membership of any of this groups use the pts membership
<group> command. Any group member will be able to able to add
another member to the group.
pts membership markl:uscms_lpc
gives
Members of markl:uscms_lpc (id: -1382) are:
markl
mf
yagil
sceno
wenzel
To add a user <user> to this
group can be done via (provided you have the privileges to do so)
the pts adduser command:
pts adduser -user
<user> -group markl:uscms_lpc
Finally in the following example I set up
a directory for my friends , I create a group, I add members
to this group and finally give this group the privilegs to
access the directory. This way I can control exactly who has access to
the directory and what kind of access:
cd ~
mkdir friends
pts creategroup -name wenzel:friends
fs setacl -dir friends -acl wenzel:friends rlidwk
pts adduser -user wenzel -group wenzel:friends
pts membership wenzel:friends
For more
information consult the AFS documentation:
http://www.openafs.org/doc/index.htm
