SCS Computing
 Services and Solutions
  links to the SCS and CMU home pages Carnegie Mellon School of Computer Science Carnegie Mellon University
 » How to… 
 » Accounts & passwords 
 » AFS 
 » AV help 
 » Backups & restores 
 » Calendaring 
 » E-mail 
 » Networking 
 » Printing 
 » Purchasing 
 » Resource management 
 » Security 
 » Software licensing 
 » Support charges 
 » Support lifecycle 
 » Web publishing 
 » Mac support 
 » Linux support 
 » Windows PC support 

AFS quick reference

AFS access permissions

Permissions that apply to directories

l (lookup)
Allows one to list the contents of a directory. It does not allow the reading of files.
i (insert)
Allows one to create new files in a directory or copy new files to a directory.
d (delete)
Allows one to remove files and sub-directories from a directory.
a (administer)
Allows one to change a directory's ACL. The owner of a directory can always change the ACL of a directory that s/he owns, along with the ACLs of any subdirectories in that directory.

Permissions that apply to files

r (read)
Allows one to read the contents of file in the directory.
w (write)
Allows one to modify the contents of files in a directory and use chmod on them.
k (lock)
Allows programs to lock files in a directory.

Special AFS groups

Anyone, anywhere.
Anyone on a CMU host.
Anyone on a SCS host.
Anyone authenticated to the AFS cell (people with valid SCS accounts).
Authorized AFS administrators (Facilities staff).
The SCS Web servers and a few other authorized hosts.

Using the fs command to list your AFS quota

fs lq <directory-name>

Using the fs command to list/change ACLs

fs help will list all fs commands. fs help <command> will list the syntax for the given command.
An ACL entry is of the form:
    <user_or_group name> <permissions>
For example:
    system:anyuser rl

To list a directory's ACL

fs la <directory-name>

To add a user or group to an ACL

fs sa -dir <directory> -acl <acl entries>

To remove a user or group from an ACL

fs sa -dir <directory> -acl  <username_or_groupname> none

Using the pts command to manipulate AFS groups

pts help will list all pts commmands. pts help <command> will list the syntax for a given command. User-created groups should have names of the form: your_userid:<name>.

To create a group

pts creategroup <name>

To add a user to a group

pts adduser -user <user> -group <group>

To remove a user from a group

pts removeuser -user <user> -group <group>

To list the membership of a group

pts membership <group>

To list the groups a user belongs to

pts membership <user>

To find out information about a group

pts examine <group>

To find out information about a user

pts examine <user>

To delete a group

pts delete <group>