[OpenAFS] How to store homedir for Linux, Solaris, Windows, OS X win AFS?

Jeffrey Hutzelman jhutz@cmu.edu
Mon, 10 Apr 2006 15:05:36 -0400

On Monday, April 10, 2006 06:39:25 PM +0100 Jose Calhariz 
<jose.calhariz@tagus.ist.utl.pt> wrote:

>> AFS has an advantage over some other network filesystems: a pathname
>> that contains @sys as a component can point to different directories
>> on different platforms. So if you need to keep, say, your
>> $HOME/.mozilla/plugins/ directories system-specific you can just
>> "ln -s @sys/plugins $HOME/.mozilla/" (and create the required
>> subdirectories).
> I have think about it, but I would like to know if anyone is using it,
> and how are using it for anything diferent that bin dirs.

Yes; people use @sys for a variety of things every day.  There's nothing 
special about binaries, you can use the same technique for anything that's 
different per-platform.  That's what it's for.

>> > But the University is implementing a new AFS cell, and is considering
>> > a different design.  Give full permissions to the root of the user's
>> > volume and place inside the special directories.
>> There is an AFS-specific difference here: the owner of the root of a
>> volume can always obtain full access to directories in the volume.
>> This might save you a few support calls (if the users involved have
>> at least half a clue, which is by no means guaranteed).
> I believe that AFS volumes don't have ownership, authorization is only
> regulated by ACLs and the three bits of read, write and execute.

Believe whatever you want, but that doesn't change reality.
AFS volumes _do_ have ownership, and the owner of a volume always has the 
ability to search directories and change ACL's in that volume, no matter 
what you set the ACL's to.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA