[OpenAFS] tool to facilitate ACL cleanup
Todd Lewis
utoddl@email.unc.edu
Wed, 8 Oct 2014 14:23:51 -0400
I'm looking for a tool or procedure that will look at ACLs in a directory
tree in AFS and suggest (possibly new) groups, memberships, and
permissions to help straighten out the mess that has grown there over the
years.
We have an aging cell, and as projects have come and gone, we've
accumulated some rather ad hoc ACLs, some using groups, some not, some
with users who are no longer around... I try to discourage putting
individual users in ACLs in project group space, preferring instead use
groups in ACLs and put users in groups. But many times individuals were
added directly to one or more directory ACLs because it was easier at the
time. Some of these have become all but unmanageable.
If anyone has suggestions for strategies or specific tools to facilitate
cleaning up small to medium sized nightmare forests of ACLs, I'd love to
hear about them.
--
+--------------------------------------------------------------+
/ Todd_Lewis@unc.edu 919-445-0091 http://www.unc.edu/~utoddl /
/ Acupuncture is a jab well done. /
+--------------------------------------------------------------+