[OpenAFS] adding a group to a group?

Lars Schimmer schimmer@cg.cs.tu-bs.de
Mon, 07 Mar 2005 22:12:51 +0100


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Derek Atkins schrieb:
| Lars Schimmer <schimmer@cg.cs.tu-bs.de> writes:
|
|
|>That´s exact not what I search :-)
|>I want to open our cell at the firewall to be accessed from all over the
|>world. But I don´t want every other AFS user to read our data, so I need
|>a group called "all" to inherit our PCs and all our users (which are all
|>members in some groups).
|
|
| Uhh, the system:authuser group contains implicitly every user in your
| cell, but not anyone else.  That would seem to solve some of your
| issues.  I'm not sure exactly what you mean by "inherit our PCs".
| Do you wish to grant access to PCs on the local network without
| requiring user authentication?

Oh, kinda misunderstanding on my site. I thought system:authuser would
be EVERY user who has got a token, equal if my cell or from another cell.
And yes, the PCs with their IPs in one group and the users with their
groups. PCs with their IP is no problem, although I read that it´s
better to include them in a group rather than set the IP direct in the ACL.
BTW, in a mail few days ago, I got a answer like:
"5. wait until the getcps interval has passed. no tokens involved,, so
you have to wait until the previous getcps times out"
So I watched out openafs.org but haven´t found in the docs something to
explain this. When does "getcps" time out and is there a way to manual
control the getcps interval?


| -derek

Thx so far
Lars
- --
- -----------------------------------------------------------------
Technische Universität Braunschweig, Institut für Computergraphik
Tel.: +49 531 391-2109            E-Mail: schimmer@cg.cs.tu-bs.de
PGP-Key-ID: 0xB87A0E03
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)

iD8DBQFCLMPTVguzrLh6DgMRAl3hAJ4xuvedNSbrEOX/miLXKa9HQzNSigCgxsH9
XY0bBIUl2rzFJzd+mdgV8AE=
=ZsPD
-----END PGP SIGNATURE-----