Home Page-->Users' Guide-->Andrew File System (AFS)-->Terminology

The Consortium

	About us
	Location
	Staff

	Annual Report 2011
	Annual Report 2010
	Annual Report 2009
	Annual Report 2008

	Job opportunities

Activities & services

	Scientific computing and data processing
	Library automation
	Network
	Basic services
	Projects and collaborations
	Training courses
	Summer School of Advanced Computing
	HPC Courses


ISO 9001:2008

AFS TERMS AND COMMANDS

Access Control Lists

Every /afs directory has an attribute called “Access Control List” (ACL), consisting of seven fields which define the modes of access to AFS subdirectories:

l [lookup] permits to enter UNIX ls and cd commands and to control a directory's ACL
r [read] permits to read alla the files within a directory
i [insert] permits to create new files and subdirectories within a directory
w [write] permits to modify the files' content
d [delete] permits to delete or rename files
k [lock] permits to execute programs that makes the system flock call on the files in a directory
a [administer] permits to modify the directory's ACL

Example: ACLs in the ID=bizzarri user's home directory :

DIRECTORY	ACL	PERMISSIONS
~bizzarri	bizzarri rlidwka system:anyuser l	The user bizzarri has all the rights, other users can see the content of the directory but cannot accede his files.
~bizzarri/private	bizzarri rlidwka	The user bizzarri has all the rights, nobody can accede to his "private" subdirectory.
~bizzarri/public	bizzarri rlidwka system:anyuser rl	The user bizzarri has all the rights, everybody can accede to his "public" subdirectory and to the files in it.

Protection Groups

Users can create Protection Groups, including other users’ ID; these groups can be inserted in the ACL, in order to reserve the access to certain users. Every AFS access assured to the group is automatically extended to each member.

AFS Commands

The most used commands are: klog, unlog, tokens, kpasswd, fs, pts (allocated in /usr/afsws/bin and /usr/afsws/etc on every client computer). Some commands are reserved to authorized users only.

klog [username] - to obtain or renew authentication token [username]
unlog - to destroy tokens tokens
tokens - to display current tokens
kpasswd - to change AFS password
fs whereis(whe) [dir/path] - to show the name of the file server where the specified directory is allocated
fs checkservers(checks) - to show the file servers’ status
fs listquota(lq) [path] - to show the disk quote of the specified path
fs quota(q) [path] - to show the percentage of disk quote used for the specified path
fs listacl(la) [path] - to show the ACL of the specified path
fs setacl(sa) path ACL_entry - to set the ACL of the specified path
fs copyacl(co) source_dir dest_dir - to copy the source directory’s ACL to one or more destination directories
pts creategroup(cg) user:group -owner user - to create a protection group for the user user, -owner option is mandatory for generic users
pts adduser(ad) user group - to add a user to a group
pts removeuser(rem) user group - to remove a user from a group
pts delete(del) group - to delete a group
pts rename(ren) oldname newname - to change a group name