jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-19 07:20:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
e3dfba8e6c
openafs/doc/man-pages/pod1/pts.pod
Russ Allbery e3dfba8e6c man-page-conversion-20051208 
This is the initial conversion of the AFS Adminstrators Reference into POD
for use as man pages.  The man pages are now generated via pod2man from
regen.sh so that only those working from CVS have to have pod2man
available.  The Makefile only installs.  The pages have also been sorted
out into pod1, pod5, and pod8 directories, making conversion to the right
section of man page easier without maintaining a separate list and allowing
for names to be duplicated between pod5 and pod1 or pod8 (which will likely
be needed in a few cases).

This reconversion is done with a new script based on work by Chas Williams.
In some cases, the output is worse than the previous POD pages, but this is
a more comprehensive conversion.

This is only the first step, and this initial conversion has various
problems.  In addition, the file man pages that didn't have simple names
have not been converted in this pass and will be added later.  Some of the
man pages have syntax problems and all of them have formatting errors.  The
next editing pass, coming shortly, will clean up most of the remaining
mess.
2005-12-08 12:14:33 +00:00

172 lines
5.0 KiB
Plaintext
Raw Blame History

=head1 NAME
pts - Introduction to the pts command suite
=head1 DESCRIPTION
The commands in the pts command suite are the administrative
interface to the Protection Server, which runs on each database server machine
in a cell and maintains the Protection Database. The database stores
the information that AFS uses to augment and refine the standard UNIX scheme
for controlling access to files and directories.
Instead of relying only on the mode bits that define access rights for
individual files, AFS associates an access control list (ACL) with each
directory. The ACL lists users and groups and specifies which of seven
possible access permissions they have for the directory and the files it
contains. (It is still possible to set a directory or file's mode
bits, but AFS interprets them in its own way; see the chapter on
protection in the I<IBM AFS Administration Guide> for details.)
AFS enables users to define groups in the Protection Database and place
them on ACLs to extend a set of rights to multiple users
simultaneously. Groups simplify administration by making it possible to
add someone to many ACLs by adding them to a group that already exists on
those ACLs. Machines can also be members of a group, so that users
logged into the machine automatically inherit the permissions granted to the
group.
There are several categories of commands in the pts command
suite:
=over 4
=item *
Commands to create and remove Protection Database entries: pts
creategroup, B<pts createuser>, and B<pts delete>
=item *
Commands to administer and display group membership: pts
adduser,
B<pts listowned>, B<pts membership>, and pts
removeuser
=item *
Commands to administer and display properties of user and group entries
other than membership: B<pts chown>, B<pts examine>,
B<pts listentries>, B<pts rename>, and B<pts
setfields>
=item *
Commands to set and examine the counters used when assigning IDs to users
and groups: B<pts listmax> and B<pts setmax>
=item *
Commands to obtain help: B<pts apropos> and pts
help
=back
=head1 OPTIONS
The following arguments and flags are available on many commands in the
B<pts> suite. The reference page for each command also lists
them, but they are described here in greater detail.
=over 4
=item -cell <I<cell name>
>
Names the cell in which to run the command. It is acceptable to
abbreviate the cell name to the shortest form that distinguishes it from the
other entries in the B</usr/vice/etc/CellServDB> file on the local
machine. If the B<-cell> argument is omitted, the command
interpreter determines the name of the local cell by reading the following in
order:
=item *
The value of the AFSCELL environment variable
=item *
The local /usr/vice/etc/ThisCell file
=item -force
L<(1)>
Enables the command to continue executing as far as possible when errors or
other problems occur, rather than halting execution immediately.
Without it, the command halts as soon as the first error is
encountered. In either case, the B<pts> command interpreter
reports errors at the command shell. This flag is especially useful if
the issuer provides many values for a command line argument; if one of
them is invalid, the command interpreter continues on to process the remaining
arguments.
L<(1)>
=item -help
Prints a command's online help message on the standard output
stream. Do not combine this flag with any of the command's other
options; when it is provided, the command interpreter ignores all other
options, and only prints the help message.
=item -noauth
L<(1)>
Establishes an unauthenticated connection to the Protection Server, in which
the server treats the issuer as the unprivileged user
B<anonymous>. It is useful only when authorization checking is
disabled on the server machine (during the installation of a file server
machine or when the B<bos setauth> command has been used during other
unusual circumstances). In normal circumstances, the Protection Server
allows only privileged users to issue commands that change the Protection
Database, and refuses to perform such an action even if the B<-noauth>
flag is provided.
=back
=head1 PRIVILEGE REQUIRED
Members of the system:administrators group can issue all
B<pts> commands on any entry in the Protection Database.
Users who do not belong to the system:administrators group
can list information about their own entry and any group entries they
own. The privacy flags set with the B<pts setfields> command
control access to entries owned by other users.
=head1 SEE ALSO
L<pts_adduser(1)>,
L<pts_apropos(1)>,
L<pts_chown(1)>,
L<pts_creategroup(1)>,
L<pts_createuser(1)>,
L<pts_delete(1)>,
L<pts_examine(1)>,
L<pts_help(1)>,
L<pts_listentries(1)>,
L<pts_listmax(1)>,
L<pts_listowned(1)>,
L<pts_membership(1)>,
L<pts_removeuser(1)>,
L<pts_rename(1)>,
L<pts_setfields(1)>,
L<pts_setmax(1)>
=head1 COPYRIGHT
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
Reference in New Issue View Git Blame Copy Permalink