jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-18 23:10:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

doc: correct implicit ACL permissions volume owner

Browse Source 
OpenAFS changed the behavior of implicit administrator permission
for directory ownership.  In OpenAFS only the volume root directory
owner has implicit administrator permissions and they apply to all
directories in the volume not just those with matching ownership.

Reviewed-on: http://gerrit.openafs.org/6951
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
(cherry picked from commit 95ec152a85)

Change-Id: I33fd24db250ef03a60f7f24853715e6f76d297a8
Reviewed-on: http://gerrit.openafs.org/6952
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
This commit is contained in:
Jeffrey Altman 2012-03-25 09:56:48 -04:00 committed by Jeffrey Altman
parent 97f8a000b9
commit c381d4b151
2 changed files with 20 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
doc/xml/AdminGuide/auagd020.xml
View File

@ -309,17 +309,19 @@
<term><emphasis role="bold">The a (administer) permission</emphasis></term>
<listitem>
<para>This permission enables a user to change the directory's ACL. Members of the <emphasis
role="bold">system:administrators</emphasis> group implicitly have this permission on every directory (that is, even
if that group does not appear on the ACL). Similarly, the owner of a directory implicitly has this permission on its
ACL and those of all directories below it that he or she owns. <indexterm>
<para>This permission enables a user to change the directory's ACL. Members of the
<emphasis role="bold">system:administrators</emphasis> group implicitly have
this permission on every directory (that is, even if that group does not appear on
the ACL). Similarly, the owner of a volume root directory implicitly has this
permission on its ACL and those of all directories within the volume. <indexterm>
<primary>administer ACL permission</primary>
<secondary></secondary>
<secondary/>
<see>a ACL permission</see>
</indexterm> <indexterm>
</indexterm>
<indexterm>
<primary>a ACL permission</primary>
</indexterm><indexterm>
<primary>implicit ACL permissions</primary>
</indexterm></para>
</listitem>
</varlistentry>
@ -1701,4 +1703,4 @@
</listitem>
</itemizedlist>
</sect1>
</chapter>
</chapter>

14
doc/xml/UserGuide/auusg007.xml
View File

@ -192,12 +192,16 @@
<term><emphasis role="bold">The a (administer) permission</emphasis></term>
<listitem>
<para>This permission enables a user to change the directory's ACL. Members of the <emphasis
role="bold">system:administrators</emphasis> group implicitly have this permission on every directory (that is, even
if that group does not appear on the ACL). Similarly, the owner of a directory implicitly has this permission on its
ACL and those of all directories below it. <indexterm>
<para>This permission enables a user to change the directory's ACL. Members of the
<emphasis role="bold">system:administrators</emphasis> group implicitly have this
permission on every directory (that is, even if that group does not appear on the
ACL). Similarly, the owner of a volume root directory implicitly has this permission
on its ACL and those of all directories within the volume. <indexterm>
<primary>administer ACL permission</primary>
</indexterm> <indexterm>
</indexterm><indexterm>
<primary>implicit ACL permissions</primary>
</indexterm>
<indexterm>
<primary>a ACL permission</primary>
</indexterm></para>
</listitem>