[OpenAFS] Purging the client cache

Russ Allbery rra@stanford.edu
Sat, 09 Jan 2010 09:52:59 -0800

We're starting a project to provide a set of AFS servers and a file space
with additional security restrictions around who can access it so that
it's suitable for storing data subject to various regulatory requirements.
This space will require using either strong TLS or a VPN to access any
files in that space.

One of the concerns raised by our Information Security Office is that a
primary point of this space is to get the data off of people's hard drives
and into central storage that can be managed securely.  If the data
persists in users' caches after they disconnect from the VPN required to
access the secure space directly, this would partly defeat this purpose.

What would be the best way to force a purge of the user's AFS cache when
they disconnect from the VPN, or at least ensure that the data doesn't
persist on the local system for longer than a few hours after they finish
working on it?  Setting a lifetime for data in the cache would be
sufficient, but I don't think there's a way to do that.  Would the best
way to try to tackle this be to use fs setcache to reduce and then enlarge
the cache as part of some script associated with the VPN configuration?
Is there any simpler way?

We'll need to address this for both Windows and Mac AFS clients.  (Linux
is possible but less likely for this particular use case.)

Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>