Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
PTS_SETFIELDS(1)	     AFS Command Reference	      PTS_SETFIELDS(1)

NAME
       pts_setfields - Sets privacy flags or quota for a Protection Database
       entry

SYNOPSIS
       pts setfields -nameorid <user or	group name or id>+
	   [-access <set privacy flags>]
	   [-groupquota	<set limit on group creation>]
	   [-cell <cell	name>] [-noauth] [-localauth]
	   [-force] [-help]

       pts setf	-na <user or group name	or id>+
	   [-a <set privacy flags>]
	   [-g <set limit on group creation>] [-c <cell	name>]
	   [-no] [-l] [-f] [-h]

DESCRIPTION
       The pts setfields command sets the group-creation quota,	the privacy
       flags, or both, associated with each user, machine, or group entry
       specified by the	-nameorid argument.

       To examine the current quota and	privacy	flags, use the pts examine
       command.

CAUTIONS
       Changing	a machine or group's group-creation quota is allowed, but not
       recommended. The	concept	is meaningless for machines and	groups,
       because it is impossible	to authenticate	as a group or machine.

       Similarly, some privacy flag settings do	not have a sensible
       interpretation. "OPTIONS" specifies the appropriate settings.

OPTIONS
       -nameorid <user or group	name or	id>+
	   Specifies the name or AFS UID of each user, the IP address
	   (complete or	wildcard-style)	of each	machine, or the	name or	AFS
	   GID of each machine for which to set	privacy	flags or group-
	   creation quota. It is acceptable to mix users, machines, and	groups
	   on the same command line, as	well as	names (IP addresses for
	   machines) and IDs. Precede the GID of each group with a hyphen to
	   indicate that it is negative.

       -access <privacy	flags>
	   Specifies the privacy flags to apply	to each	entry. Provide a
	   string of five characters, one for each of the permissions. If this
	   option is omitted, the current setting remains unchanged.

	   Set each flag to achieve the	desired	combination of permissions. If
	   the following list does not mention a certain setting, it is	not
	   acceptable. For further discussion of the privacy flags, see
	   pts_examine(1).

	   o   The first flag determines who can use the pts examine command
	       to display information from a user, machine or group's
	       Protection Database entry.

	       o   Set it to lowercase "s" to permit the members of the
		   system:administrators group to display a user, machine, or
		   group entry,	the associated user to display a user entry,
		   and the owner or members of a group to display the group
		   entry.

	       o   Set it to uppercase "S" to permit anyone who	can access the
		   cell's database server machines to display a	user, machine,
		   or group entry.

	   o   The second flag determines who can use the pts listowned
	       command to list the groups that a user or group owns.

	       o   Set it to the hyphen	("-") to permit	the members of the
		   system:administrators group and a user to list the groups
		   he or she owns, or to permit	the members of the
		   system:administrators group and a group's owner to list the
		   groups that a group owns.

	       o   Set it to uppercase letter "O" to permit anyone who can
		   access the cell's database server machines to list the
		   groups owned	by a machine or	group entry.

	   o   The third flag determines who can use the pts membership
	       command to list the groups to which a user or machine belongs,
	       or the users and	machines that belong to	a group.

	       o   Set it to the hyphen	("-") to permit	the members of the
		   system:administrators group and a user to list the groups
		   he or she belongs to, to permit the members of the
		   system:administrators group to list the groups a machine
		   belongs to, or to permit the	members	of the
		   system:administrators group and a group's owner to list the
		   users and machines that belong to it.

	       o   Set it to lowercase "m" to permit members of	a group	to
		   list	the other members. (For	user and machine entries, this
		   setting is equivalent to the	hyphen.)

	       o   Set it to uppercase "M" to permit anyone who	can access the
		   cell's database server machines to list membership
		   information for a user, machine or group.

	   o   The fourth flag determines who can use the pts adduser command
	       to add users and	machines as members of a group.	This flag has
	       no sensible interpretation for user and machine entries,	but
	       must be set nonetheless,	preferably to the hyphen.

	       o   Set it to the hyphen	("-") to permit	the members of the
		   system:administrators group and the owner of	the group to
		   add members.

	       o   Set it to lowercase "a" to permit members of	a group	to add
		   other members.

	       o   Set it to uppercase "A" to permit anyone who	can access the
		   cell's database server machines to add members to a group.

	   o   The fifth flag determines who can use the pts removeuser
	       command to remove users and machines from membership in a
	       group. This flag	has no sensible	interpretation for user	and
	       machine entries,	but must be set	nonetheless, preferably	to the
	       hyphen.

	       o   Set it to the hyphen	("-") to permit	the members of the
		   system:administrators group and the owner of	the group to
		   remove members.

	       o   Set it to lowercase "r" to permit members of	a group	to
		   remove other	members.

       -groupquota <group creation quota>
	   Specifies the number	of additional groups a user can	create (it
	   does	not matter how many he or she has created already). Do not
	   include this	argument for a group or	machine	entry.

       -cell <cell name>
	   Names the cell in which to run the command. For more	details, see
	   pts(1).

       -force
	   Enables the command to continue executing as	far as possible	when
	   errors or other problems occur, rather than halting execution at
	   the first error.

       -help
	   Prints the online help for this command. All	other valid options
	   are ignored.

       -localauth
	   Constructs a	server ticket using a key from the local
	   /usr/local/etc/openafs/server/KeyFile file. Do not combine this
	   flag	with the -cell or -noauth options. For more details, see
	   pts(1).

       -noauth
	   Assigns the unprivileged identity anonymous to the issuer. For more
	   details, see	pts(1).

EXAMPLES
       The following example changes the privacy flags on the group
       "operators", retaining the default values of the	first, second and
       third flags, but	setting	the fourth and fifth flags to enable the
       group's members to add and remove other members.

	  % pts	setfields -nameorid operators -access S-Mar

       The following example changes the privacy flags and sets	group quota on
       the user	entry "admin". It retains the default values of	the first,
       fourth, and fifth flags,	but sets the second and	third flags, to	enable
       anyone to list the groups that "admin" owns and belongs to.  Users
       authenticated as	"admin"	can create an additional 50 groups.

	  % pts	setfields -nameorid admin -access SOM--	-groupquota 50

PRIVILEGE REQUIRED
       To edit group entries or	set the	privacy	flags on any type of entry,
       the issuer must own the entry or	belong to the system:administrators
       group. To set group-creation quota on a user entry, the issuer must
       belong to the system:administrators group.

SEE ALSO
       pts(1), pts_adduser(1), pts_examine(1), pts_listowned(1),
       pts_membership(1), pts_removeuser(1)

COPYRIGHT
       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by	the IBM	Public License Version 1.0.
       It was converted	from HTML to POD by software written by	Chas Williams
       and Russ	Allbery, based on work by Alf Wachsmann	and Elizabeth Cassell.

OpenAFS				  2016-12-15		      PTS_SETFIELDS(1)

NAME | SYNOPSIS | DESCRIPTION | CAUTIONS | OPTIONS | EXAMPLES | PRIVILEGE REQUIRED | SEE ALSO | COPYRIGHT

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=pts_setfields&sektion=1&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help