Versions Compared

Old Version 2

changes.mady.by.user David William Botsch

Saved on

compared with

New Version 3

changes.mady.by.user David William Botsch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

 Working with AFS Protection Groups

 Windows


        Open up a command prompt (Start - Run - cmd). View your group
        membership with the following command:

        pts membership

 Linux

         From the AFSTokens application (under the Applications menu), click
        "PTS (Group Mgmt)". To view groups of which you are a member, click
        the "Group Membership" button. To work with groups that you own, click
        the "Groups I Own" button. Groups you own will be named either:
        netid@cit.cornell.edu:groupname or guestid@guest.cornell.edu:groupname

        When adding a new group, the part of the groupname before the colon is
        automatically filled in.

 Working with Directory ACLs

 Windows

         Right click on a folder in AFS. Choose AFS, and then choose Access
        Control Lists. You may edit ACLs on folders for which you have "all"
        (rlidwka) permissions (for example, those in your AFS home directory)

 Linux

         From the Applications menu, choose "afs acl mgr". Click the "Open"
        button, and browse to the directory for which you want to view/edit
        AFS ACLs. The application defaults to your home directory... afs-land
        can be found under "Filesystem" in the leftmost pane. After selecting
        a directory in AFS, click "OK".

        If you prefer to use the linux commandline...

        From a terminal, use fs la directory and fs sa directory acl. For
        example:

No Format

        $ fs la /afs/cnf.cornell.edu
        Access list for /afs/cnf.cornell.edu is
        Normal rights:
          cnfhosts rl
          grp_all rl
          grp_it rlidwka
          system:administrators rlidwka
          system:anyuser rl

        If I was in the system:administrators group, I could change the ACLs
        on /afs/cnf.cornell.edu to, for example, give system:anyuser write
        access:

No Format

         $ fs sa /afs/cnf.cornell.edu system:anyuser write

Home Directories

 Every CNF user has a personal home directory in its own volume under AFS. User
home directories are located at /afs/cnf.cornell.edu/home/users/username .
Initial quota is TBD. Staff home directories are located at
/afs/cnf.cornell.edu/home/staff/ .

On Windows, your W drive is your AFS home directory. And your X drive is the top
level of the CNF AFS cell.

In your home directory are a few pre-defined folders with permissions set
appropriately:

 
        *public - others can read but not write to this directory. You can
        place files to be shared with others, here.

        *private - as implied by the name, no one but you can get to or even
        see the files here

        *incoming - others can place files for you here (but not read or
        modify existing files in this directory)

        *windows_profile - where your Windows XP roaming profile is stored
        (Desktop, My Documents, etc)

        *Yesterday - a daily snapshop of the files and folders in your AFS
        home directory.

The rest of the folders and files, by default, can be seen, but not read, by
others. So, feel free to create other directories in your home directory. You
can, of course, also change the Access Control Lists on any of these predefined
folders however you choose.

 CNF Shares

 CNF Public Share

                 Located at /afs/cnf.cornell.edu/shares/public/cnf
                Anyone on a computer on one of the CNF networks any any user
                of our files server can read, write, create, modify, and
                delete files here.

 CNF Outside Users Share

                 Located at /afs/cnf.cornell.edu/shares/public/outside_users
                Only staff can write to this share.
                Files in this share can be read by anyone anywhere in the world.