命令的帮助文档可以看后面的附件。
1、建立一个新卷并设置上限值:
vos create jncc.edu.cn /vicepa [volname].cell
fs mkmount /afs/afs.server.edu/... [volname].cell
fs setacl /afs/afs.server.edu/.... [system:anyuser] rl
注意:执行fs来设置新用户前,必须使用pts createuser命令来添加用户!
[root@jncc usr]# fs setquota [dir] -max 1000000
2、为当前建立一个备份卷:
vos backup [volname].cell 该命令可以用于同步卷与其备份卷
3、使用kas时需要使用参数来指定用户,不同的用户具有不同的权限
kas -admin_username [admin]
4、使用kas中的create命令来添加用户并设置密码
ka> create [a26]
initial_password:
Verifying, please re-enter initial_password:
5、可以使用pts adduser命令将建立的用户添加到指定的组中,
[root@jncc usr]# pts createuser a26 #建立用户以获得id
User a26 has id 4
[root@jncc usr]# pts adduser a26 admin:jnccteam
立刻查看一下
[root@jncc usr]# pts membership admin:jnccteam
Members of admin:jnccteam (id: -206) are:
robin
a26 #成功添加!
用同样的方法添加stusr用户,并建立stusr:team,让stusr成为该组拥有者
[root@jncc usr]# pts creategroup -name stusr:team -owner stusr
group stusr:team has id -207
将a26加入stusr:team
[root@jncc usr]# pts adduser a26 stusr:team
管理的时候,可以使用fs setacl来对不同的目录设置不同的权限。可以对组设置,也可以对单个用户设置。
[root@jncc usr]# fs setacl /afs/afs.server.edu/usr/A26 admin:jnccteam rlw
[root@jncc usr]# fs setacl /afs/afs.server.edu/usr/A26 a26 rlwi
[root@jncc usr]# fs listacl /afs/afs.server.edu/usr/A26
Access list for /afs/afs.server.edu/usr/A26 is
Normal rights:
admin:jnccteam rlw
system:administrators rlidwka
a26 rliw
注意:l(lookup):有遍历文件夹的作用,所有没有l权限但有r权限是无法浏览文件夹的。
上面的例子,给admin:jnccteam 设置了rw(读、写)权限,a26设置了riw(读、插入、写)的权限。这样admin:jnccteam中的其他成员(如:robin)对该目录就没有了i权限。
另外可用fs setacl /afs/afs.server.edu/usr/A26 a26 none 取消a26的所有权限。
r-读取 l-查表 w-写入 i-插入 d-删除 k-锁定 a-管理
附件:
ka> help
Commands are:
apropos search by help text
create create an entry for a user
delete delete a user
examine examine the entry for a user
forgetticket delete user's tickets
help get help on commands
interactive enter interactive mode
list list all users in database
listtickets show all cache manager tickets
noauthentication connect to AuthServer w/o using token
quit exit program
setfields set various fields in a user's entry
setpassword set a user's password
statistics show statistics for AuthServer
stringtokey convert a string to a key
unlock Enable authentication ID after max failed attempts exceeded
[root@jncc usr]# pts help
pts: Commands are:
adduser add a user to a group
apropos search by help text
chown change ownership of a group
creategroup create a new group
createuser create a new user
delete delete a user or group from database
examine examine an entry
help get help on commands
interactive enter interactive mode
listentries list users/groups in the protection database
listmax list max id
listowned list groups owned by an entry or zero id gets orphaned groups
membership list membership of a user or group
quit exit program
removeuser remove a user from a group
rename rename user or group
setfields set fields for an entry
setmax set max id
sleep pause for a bit
source read commands from file