[OpenAFS] IP ACLs in 1.4

Jeffrey Hutzelman jhutz@cmu.edu
Wed, 14 Sep 2005 17:19:14 -0400

On Wednesday, September 14, 2005 02:46:53 PM -0500 Brian Sebby 
<sebby@anl.gov> wrote:

> I don't know if this has already been addressed, is being addressed, or
> not, but I was wondering if there will be any changes to OpenAFS 1.4 to
> either make IP ACLs take effect immediately, or if a command could be
> added to force the file server to update its IP ACLs.
> Right now the workaround is to move the volume if you want the ACLs to
> take effect immediately, but this isn't easy for big volumes.
> And yes, I know they're horrible and I'm a bad person for using them, but
> they've made a few problems much easier to solve.

There will be no new changes in 1.4 in this area.  However, with a new 
enough fileserver, there is a FlushCPS RPC you can call to make the 
fileserver discard its cached rights for a particular set of IP addresses.
Be careful, though -- if the fileserver is not new enough, calling this RPC 
may cause it to crash.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA