[OpenAFS] Backup and acls

[Klaas Hagemann]

Hi to all,

for backup-issues and virus scanning, i want to have copys of all my 
volumes central, which i can keep up to date with

vos dump volume | vos restore volume.bak

also with the incremental option.
These new volumes (volume.bak) i want to mount on a different place in 
the afs tree.
So when i have finished, i have
/afs/mydomain.de/usr
		/group
and
/afs/mydomain.de/backup/usr
		       /group
Onto this secondary file tree, i want to put ip-based acls, to be able 
to do backup and virus detecting operations.
So is there any chance to to a recursive setacl command?

The problem is the following:
A user adds a subdirectory in his home-directory which is on volume.
This new directory has the rights
user: read
system:administrator all

Therefore this new directory won't be accessable by the ip-based acls.
what i am thinking for:

set a acl to /afs/mydomain/backup for the ip-adress of the machine doing 
backup and virus detecting. This acl should be valid for the whole tree 
under /afs/mydomain.de/backup.

Thanks for any hint on this dead-lock situation.

Klaas