OpenAFS User Guide

Revision History
Revision BP--1.6.x-4781-gc0876-dirty
Revision 3.6April 2000
First IBM Edition, Document Number GC09-4561-00


This edition applies to:

OpenAFS for AIX, Version M.n
OpenAFS for Digital Unix, Version M.n
OpenAFS for HP-UX, Version M.n
OpenAFS for Linux, Version M.n
OpenAFS for SGI IRIX, Version M.n
OpenAFS for Solaris, Version M.n

and to all subsequent releases and modifications until otherwise indicated in new editions.This softcopy version is based on the printed edition of this book. Some formatting amendments have been made to make this information more suitable for softcopy.

Table of Contents

About This Guide
Audience and Purpose
Document Organization
How To Use This Document
Related Documents
Typographical Conventions
1. An Introduction to OpenAFS
AFS Concepts
Client/Server Computing
Distributed File Systems
AFS Filespace and Local Filespace
Cells and Sites
Volumes and Mount Points
Volume Quotas
Using Files in AFS
The Cache Manager
Updating Copies of Cached Files
Multiple Users Modifying Files
AFS Security
Passwords and Mutual Authentication
Access Control Lists
Differences Between UNIX and AFS
File Sharing
Login and Authentication
File and Directory Protection
Machine Outages
Remote Commands
Differences in the Semantics of Standard UNIX Commands
Using OpenAFS with NFS
2. Using OpenAFS
Logging in and Authenticating with AFS
Logging In
To Log In Using an AFS enabled PAM module
To Log In Using a Two-Step Login Procedure
Authenticating with AFS
To Authenticate with AFS
To Display Your Tokens
Example: Authenticating in the Local Cell
Example: Authenticating as a Another User
Example: Authenticating in a Foreign Cell
Exiting an AFS Session
To Discard Tokens
Example: Unauthenticating from a Specific Cell
To Log Out
Accessing the AFS Filespace
AFS Pathnames
Example: Displaying the Contents of Another User's Directory
Accessing Foreign Cells
Changing Your Password
3. Displaying Information about OpenAFS
Displaying Volume Quota
To Display Percentage of Quota Used
Example: Displaying Percentage of Quota Used
To Display Quota and Other Information about a Volume
Example: Display Quota and Other Information about a Volume
To Display Quota and Other Information about a Volume and Partition
Example: Displaying Quota and Other Information about a Volume and Partition
Locating Files and Directories
To Display a File or Directory's Location
Example: Displaying Directory Location
Checking the Status of Server Machines
To Check File Server Machine Status
Example: Checking Server Machine Status
Determining Access to Foreign Cells
To Display Foreign Cells
Displaying Server Preference Ranks
To Display Server Preference Ranks
4. Protecting Your Directories and Files
Access Control Lists
Directory Level Access Control
The AFS ACL Permissions
The Four Directory Permissions
The Three File Permissions
The Eight Auxiliary Permissions
Shorthand Notation for Sets of Permissions
About Normal and Negative Permissions
Setting DFS ACLs
Dropbox Permissions
Using the System Groups on ACLs
Enabling Access to Subdirectories
Extending Access to Service Processes
Extending Access to Users from Foreign Cells
Displaying an ACL
To display an ACL
Example: Displaying the ACL on One Directory
Example: Displaying the ACLs on Multiple Directories
Changing an ACL
To Add, Remove, or Edit Normal ACL Permissions
Example: Adding a Single ACL Entry
Example: Setting Several ACL Entries on One Directory
To Add, Remove, or Edit Negative ACL Permissions
Example: Setting an Entry in the Negative Permissions Section
Example: Restoring Access by Removing an Entry from the Negative Permissions Section
Completely Replacing an ACL
To Replace an ACL Completely
Example: Replacing an ACL
Copying ACLs Between Directories
To Copy an ACL Between Directories
Example: Copying an ACL from One Directory to Another
How AFS Uses the UNIX Mode Bits
Example: Disabling Write Access for a File
5. Using Groups
About Groups
Suggestions for Using Groups Effectively
Group Names
Group-creation Quota
Displaying Group Information
To Display Group Membership
Example: Displaying the Members of a Group
Example: Displaying the Groups to Which a User Belongs
To Display the Groups a User or Group Owns
Example: Displaying the Groups a Group Owns
Example: Displaying the Groups a User Owns
To Display A Group Entry
Example: Listing Information about a Group
Example: Listing Group Information about a User
Creating Groups and Adding Members
To Create a Group
Example: Creating a Group
To Add Members to a Group
Example: Adding Members to a Group
Removing Users from a Group and Deleting a Group
To Remove Members from a Group
Example: Removing Group Members
To Delete a Group
Example: Deleting a Group
To Remove Obsolete ACL Entries
Example: Removing an Obsolete ACL Entry
Changing a Group's Owner or Name
To Change a Group's Owner
Example: Changing a Group's Owner to Another User
Example: Changing a Group's Owner to Itself
Example: Changing a Group's Owner to a Group
To Change a Group's Name
Example: Changing a Group's group_name Suffix
Example: Changing a Group's owner_name Prefix
Protecting Group-Related Information
Interpreting the Privacy Flags
To Set a Group's Privacy Flags
Example: Setting a Group's Privacy Flags
6. Troubleshooting
Problem: Cannot Access, Copy, or Save File
Problem: Accidentally Removed Your Entry from an ACL
Error Message: "afs: Lost contact with fileserver"
Error Message: "command: Connection timed out"
Error Message: "fs: You don't have the required access rights on 'file'"
Error Message: "afs: failed to store file"
A. Using the NFS/AFS Translator
Requirements for Using the NFS/AFS Translator
Accessing AFS via the Translator
To Authenticate on a Supported Operating System
To Authenticate on an Unsupported Operating System
Troubleshooting the NFS/AFS Translator
Your NFS Client Machine is Frozen
NFS/AFS Translator Reboots
System Error Messages
B. OpenAFS Command Syntax and Online Help
OpenAFS Command Syntax
Command Syntax Example
Rules for Using OpenAFS Commands
Spaces and Lines
Abbreviations and Aliases for Operation Codes
Omitting Argument Switches
Shortening Switches and Flags
Shortening Directory References
Commonly Used fs and pts Commands
About the fs Commands
About the pts Commands
Getting Help in AFS
Displaying Command Syntax and Aliases
Displaying Operation Code Descriptions