[OpenAFS] "vos dump" authorization based on "bos adduser"?
Adam Megacz
megacz@cs.berkeley.edu
Tue, 05 Jun 2007 10:03:23 -0700
I understand why all of the bos operations are checked against a
separate authorization list (bos adduser) rather than membership in
system:administrators -- the ptserver might be down and you need to
use bos to get it back up.
However, it seems that the volserver bases "vos dump" permission on
whether or not a user's key is in the "bos adduser" list rather than
whether or not they are in system:administrators. Is there a reason
for this?
Actually, now that I think about it, if all the ptserver instances are
down, how would an admin be able to aklog (in order to run bos commands)?
- a
--
PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380