[OpenAFS] Backup and acls
Charles Clancy
security@xauth.net
Tue, 25 Mar 2003 17:16:19 -0600 (CST)
On Tue, 25 Mar 2003, Klaas Hagemann wrote:
>
> So is there any chance to to a recursive setacl command?
>
find /afs/@cell/backup -follow -type d -exec fs sa {} user acl \;
... but make sure your users don't have recursive mountpoints, or things
get stuck.
> The problem is the following: A user adds a subdirectory in his
> home-directory which is on volume. This new directory has the rights
> ...
> Therefore this new directory won't be accessable by the ip-based acls.
Sounds like you should add the IP of your backup/virus scan server to the
system:administrators group. The security implications of doing that are
debatable, though.
[ t charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]