[OpenAFS] Implied 'a' rights?

Derek Atkins warlord@MIT.EDU
25 Jul 2001 17:41:58 -0400


There have been two ways this has worked over time.  I'm not sure how
OpenAFS currently works.

One way is that only the owner of a volume (i.e. the owner of the
top-level directory of the volume) gets implicit 'a' access on all the
directories within the volume.  In this case, the volume owner DOES
get 'a' access on subdirectories, provided that the subdirectory is
not a mountpoint into another volume.

The other way is that the owner of any directory within the volume
gets implicit 'a' access on that directory.  This is a superset of the
above.  The volume owner gets 'a' on all directories, and any
particular directory owner gets 'a' on that one particular directory.

-derek

"Patrick J. LoPresti" <patl@curl.com> writes:

> Jeffrey Hutzelman <jhutz@cmu.edu> writes:
> 
> > The owner of a directory appears as its UNIX owner, and has implicit 'a'
> > rights on the directory.  The owner of a volume is the same as the owner
> > of its top-level directory, and has implicit 'a' rights on every directory
> > in the volume. 
> 
> I have read the IBM AFS documentation fairly carefully, so I knew that
> the owner of a directory had implicit 'a' rights on the directory.
> 
> But I do not recall reading that the owner of a volume has implicit
> 'a' rights on the volume, so I am wondering: Are there any other
> implicit 'a' rights out there?
> 
> In my ideal world, having 'a' rights on a directory would
> automatically imply 'a' rights to every directory within.  That would
> allow us to dish out administrative control from any point in AFS
> space all the way down.
> 
>  - Pat
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available