This is about OpenAFS from a user's perspective.

We assume you are using Kerberos5.

Some tools you will use:

  • fs

fs is the mega-tool. It does most of what you need to do. Some examples:

  • fs setacl /afs/ system:all rli (grant read, list, insert to all users, logged in or not)
  • fs listacl /afs/ (take a look at our acls)
  • fs listquota /afs/ (see how much of your quota is used, this can be extended on the fly)
  • pts

pts is for talking to the AFSProtectionServer. This is where AFS stores all its user/group info.

  • pts listentries - see all the users and groups
  • pts adduser nward pron - add the user to a group
  • pts creategroup pron - create a group (you can do this as a normal user!)

Secret tricks:

  • find ./ -type d -exec fs setacl {} nward rli \; -print