| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: Thu, 9 Apr 1992 09:54:24 -0400 (EDT) From: Lyle_Seaman@transarc.com To: Info-AFS@transarc.com Cc: ccprl@xdm001.ccc.cranfield.ac.uk, In-Reply-To: <9204090941.AA04383@xdm001> "Peter Lister, Cranfield Computer Centre" <ccprl@xdm001.ccc.cranfield.ac\ writes: > What we should be able to do is set ACLs for package1:users ONLY, and do the > rest with pts. Before the class: > > pts addmember -group package1:user -member student:group1 student:group2 \ > project:group3 > pts removemember -group package1:user -member system:anyuser > > After the class: > > pts addmember -group package1:users -member system:anyuser > > group1 group2 and group3 are groups maintained by or on behalf of another > department, or student registry. They are almost certainly NOT maintained by > the package support staff. > ------------------------------------------------------------------------ Not to deny the user interface issues but: There are cache consistency problems with such a scheme. As it currently stands, a change to an ACL will break callbacks to all clients to have the file cached. Subsequent references will be governed by the new access information. A change to a group does not affect accesses by users who already have tokens (until the tokens expire, or the user klogs again). Lyle Transarc 707 Grant Street 412 338 4474 The Gulf Tower Pittsburgh 15219
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |