1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
#
# $KTH: testc.ctx,v 1.1 2000/06/01 14:30:59 lha Exp $
#
%name description
command to manipulate the filesystem
%name os
"Arla, KTH"
%name section
1
%command setacl
Set the ACL for the named directory
.Ar dir
to the list of
.Ar acl
entries. If the flag
.Fl clear
is specified all current ACL entries are removed before the
new one is added. You must have the A-ACL on the directory to
be able to change the ACL.
The ACL entry consist of two parts, a user/group and
rights. The rights are rwlidka.
.Bl -tag -width "Administer"
.It Em Read
the user/group can read files in this directory.
.It Em Write
the user/group can write files in this directory.
.It Em List
the user/group can list files in this directory, they
can also read symlinks.
.It Em Insert
the user/group can create new files in this directory.
.It Em Delete
the user/group can delete files from this directory.
.It Em locK
the user/group can do locking on files in this directory.
.It Em Administer
the user/group can change the acl and the modebits in this directory
.El
.Pp
There is also some named ACL that is easier to remember. Those are
.Ar all,
.Ar read,
.Ar write,
.Ar none,
.Ar mail.
All of these are quote obvoius what they do execpt the last
one, and you shouldn't use that one.
.Pp
There are three special groups that is good know know about:
.Bl -tag -width "Administer"
.It Em system:anyuser
any user of the AFS system
.It Em system:auth-user
any user the is authenticated to the cell that this directory exists.
Use
.Ic fs whatcell
to figure out what cell it is.
.It Em system:administrators
this is system-administrators of the cell. They can't read
files without with, but since the always can change the ACL
they can add them-self. You should trust them the are nice guys.
.El
.Pp
Groups and (remote)users can be created with
.Xr pts(1).
.Pp
Examples:
.Pp
.Nm fs setacl
\&. lha all
.Pp
.Nm fs setacl
\&. system:anyuser none
%command listacl
List the ACL for the directory
.Ar dir
(or if its isn't specifed
.Pa .
will be used).
%section bugs
Not really complete
%section history
The fs command first appeared in Transarc AFS, it was
reimplemented and extended in arla project by a mixure of
people. In DCE/DFS the fs-commands name is
.Xr fts(1)
and in Coda the name is
.Xr cfs(1).
%section see also
.Xr vos(1),
.Xr pts(1),
.Xr bos(1),
.Xr arlad(1)
%section authors
Love H�rnquist-�strand <lha@stacken.kth.se>,
\&...
# If you feel that you should be here, add yourself
%section description
Some of the commands can only be run by root.
|
