[OpenAFS] pts listentries and system:ptsviewers
Wed, 24 May 2006 10:59:30 -0500
My user is a member of system:ptsviewers but not system:administrators.
I read from the 1.2.5 release notes (I am not running that version, of
A new system group is created for new cells (system:ptsviewers
with id -203). If this group exists, members of this group can
examine and read the entire protection database. They can examine
all users and groups and can get the membership of any group.
So I added myself to system:ptsviewers and can view everything,
but pts listentries fails, saying permission denied. And indeed,
the documentation for pts listentries says it requires membership in
Shouldn't it also be okay with membership in system:ptsviewers or is there
a reason why `can read the entire prdb' shouldn't extend to enumerating its