[OpenAFS] -hr option to fileserver, IP address-based ACL delay
Christopher D. Clausen
cclausen@acm.org
Mon, 23 Aug 2010 12:18:06 -0500
Jeff Blaine <jblaine@kickflop.net> wrote:
> We'd like IP address-based ACLs to go live sooner than they do by
> default.
>
> -hr <number of hours between refreshing the host cps>
>
> Specifies how often the File Server refreshes its knowledge
> of the machines that belong to protection groups (refreshes
> the host CPSs for machines). The File Server must update
> this information to enable users from machines recently
> added to protection groups to access data for which those
> machines now have the necessary ACL permissions.
You can vos move the volume and the IP ACLs start acting fairly quickly
after doing that, or at least it used to when I last looked into this...
You might want to read:
http://wiki.openafs.org/AFSLore/IPAccessControl/
<<CDC