jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-19 15:30:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
37cdc71132
openafs/doc/man-pages/pod1/pts_createuser.pod.in
Andrew Deason f69bf0b194 doc: pts manpage fixes 
- Mention the -help, -auth, -encrypt, and -config options for all pts
   commands in their synopsis

 - Add the -auth option to the pts.pod page

 - Reference the -auth, -encrypt, and -config options from all
   subcommand pts pages

 - pts_removeuser: Replace -name with -user

 - pts_sleep: Add missing -delay

 - pts_source: Add missing -file

Change-Id: I4f0889d661c46f6bdd2a9604d8423d809a632d2d
Reviewed-on: http://gerrit.openafs.org/10387
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2013-11-03 20:36:16 -08:00

174 lines
6.0 KiB
Plaintext
Raw Blame History

=head1 NAME
pts_createuser - Creates a user or machine entry in the Protection Database
=head1 SYNOPSIS
=for html
<div class="synopsis">
B<pts createuser> S<<< B<-name> <I<user name>>+ >>> S<<< [B<-id> <I<user id>>+] >>>
S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>]
[B<-help>] [B<-auth>] [B<-encrypt>] S<<< [B<-config> <I<config directory>>] >>>
B<pts createu> S<<< B<-na> <I<user name>>+ >>> S<<< [B<-i> <I<user id>>+] >>>
S<<< [B<-c> <I<cell name>>] >>> [B<-no>] [B<-l>] [B<-f>] [B<-h>]
[B<-a>] [B<-e>] S<<< [B<-co> <I<config directory>>] >>>
B<pts cu> S<<< B<-na> <I<user name>>+ >>> S<<< [B<-i> <I<user id>>+] >>>
S<<< [B<-c> <I<cell name>>] >>> [B<-no>] [B<-l>] [B<-f>] [B<-h>]
[B<-a>] [B<-e>] S<<< [B<-co> <I<config directory>>] >>>
=for html
</div>
=head1 DESCRIPTION
The B<pts createuser> command creates an entry in the Protection Database
for each user or machine specified by the B<-name> argument. A user entry
name becomes the user's AFS username (the one to provide when
authenticating with the AFS Authentication Server). A machine entry's
name is the machine's IP address or a wildcard notation that represents a
range of consecutive IP addresses (a group of machines on the same
network). It is not possible to authenticate as a machine, but a group to
which a machine entry belongs can appear on a directory's access control
list (ACL), thereby granting the indicated permissions to any user logged
on to the machine.
AFS user IDs (AFS UIDs) are positive integers and by default the
Protection Server assigns an AFS UID that is one greater than the current
value of the C<max user id> counter in the Protection Database,
incrementing the counter by one for each user. To assign a specific AFS
UID, use the B<-id> argument. If any of the specified AFS UIDs is greater
than the current value of the C<max user id> counter, the counter is reset
to that value. It is acceptable to specify an AFS UID smaller than the
current value of the counter, but the creation operation fails if an
existing user or machine entry already has it. To display or set the value
of the C<max user id> counter, use the B<pts listmax> or B<pts setmax>
command, respectively.
The issuer of the B<pts createuser> command is recorded as the entry's
creator and the group system:administrators as its owner.
=head1 CAUTIONS
The Protection Server reserves AFS UID 0 (zero) and returns an error if
the B<-id> argument has that value.
=head1 OPTIONS
=over 4
=item B<-name> <I<user name>>+
Specifies either a username for a user entry, or an IP address (complete
or wildcarded) for a machine entry:
=over 4
=item *
A username can include up to 63 numbers and lowercase letters, but it is
best to make it shorter than eight characters, because many application
programs cannot handle longer names. Also, it is best not to include shell
metacharacters or other punctuation marks. In particular, the colon (C<:>)
and at-sign (C<@>) characters are not acceptable. The period is generally
used only in special administrative names, to separate the username and an
I<instance>, as in the example C<pat.admin>.
=item *
A machine identifier is its IP address in dotted decimal notation (for
example, 192.12.108.240), or a wildcard notation that represents a set of
IP addresses (a group of machines on the same network). The following are
acceptable wildcard formats. The letters C<W>, C<X>, C<Y> and C<Z> each
represent an actual number from the range 1 through 255.
=over 4
=item *
W.X.Y.Z represents a single machine, for example C<192.12.108.240>.
=item *
W.X.Y.0 matches all machines whose IP addresses start with the first three
numbers. For example, C<192.12.108.0> matches both C<192.12.108.119> and
C<192.12.108.120>, but does not match C<192.12.105.144>.
=item *
W.X.0.0 matches all machines whose IP addresses start with the first two
numbers. For example, the address C<192.12.0.0> matches both
C<192.12.106.23> and C<192.12.108.120>, but does not match C<192.5.30.95>.
=item *
W.0.0.0 matches all machines whose IP addresses start with the first
number in the specified address. For example, the address C<192.0.0.0>
matches both C<192.5.30.95> and C<192.12.108.120>, but does not match
C<138.255.63.52>.
=back
Do not define a machine entry with the name C<0.0.0.0> to match every
machine. The system:anyuser group is equivalent.
=back
=item B<-id> <I<user id>>+
Specifies an AFS UID for each user or machine entry, rather than allowing
the Protection Server to assign it. Provide a positive integer.
If this argument is used and the B<-name> argument names multiple new
entries, it is best to provide an equivalent number of AFS UIDs. The
first UID is assigned to the first entry, the second to the second entry,
and so on. If there are fewer UIDs than entries, the Protection Server
assigns UIDs to the unmatched entries based on the C<max user id>
counter. If there are more UIDs than entries, the excess UIDs are
ignored. If any of the UIDs is greater than the current value of the C<max
user id> counter, the counter is reset to that value.
=include fragments/pts-common.pod
=back
=head1 OUTPUT
The command generates the following string to confirm creation of each
user:
User <name> has id <id>
=head1 EXAMPLES
The following example creates a Protection Database entry for the user
C<johnson>.
% pts createuser -name johnson
The following example creates three wildcarded machine entries in the Example
Corporation cell. The three entries encompass all of the machines on the
company's networks without including machines on other networks:
% pts createuser -name 138.255.0.0 192.12.105.0 192.12.106.0
=head1 PRIVILEGE REQUIRED
The issuer must belong to the system:administrators group.
=head1 SEE ALSO
L<pts(1)>,
L<pts_listmax(1)>,
L<pts_setmax(1)>
=head1 COPYRIGHT
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
Reference in New Issue View Git Blame Copy Permalink