[OpenAFS] access control lists
Todd M. Lewis
Todd_Lewis@unc.edu
Mon, 21 Aug 2006 15:45:23 -0400
Daniel Miller wrote:
> Is there a way to do fs setacl recursively?
>
> -Daniel
Here's a recursive "fs sa" for afs using xargs:
find . -noleaf -type d -print0 | xargs -0 -n 2 fs sa -acl XX YY -dir
A few things to notice:
* -noleaf in AFS makes find do the Right Thing at the root of volumes.
* -print0 instead of -print makes find do the Right Thing wrt names with
spaces and other weird characters that we normally eschew.
* The "-0" makes xargs do the Right Thing wrt find's "-print0". (They
were literally made for each other.)
* The "2" after "-n" could be 20 or 50 or whatever. I made it small just
to make sure it was doing the Right Thing in limiting the number of
parameters it tried to do on each command.
* The "normal" order of "-dir" and "-acl" has been reversed so that
"-dir" is on the end. This lets xargs put a bunch of directories on the
end as the last parameters.
* The "XX" and "YY" are supposed to be the principal and the
permissions, respectively (like "daniel" and "write").
* This still makes the mistake of traversing AFS volume mount points,
which can lead to iniquity.
--
+--------------------------------------------------------------+
/ Todd_Lewis@unc.edu 919-445-9302 http://www.unc.edu/~utoddl /
/ "He is not only dull himself, he is the cause of /
/ dullness in others." - Samuel Johnson /
+--------------------------------------------------------------+