po2.transarc.com (5.54/3.15) id <AA01431> for info-afs; Thu, 10 Nov 94
05:49:32 EST
Received: from afs.mcc.ac.uk (actually cfs2.mcc.ac.uk) by
yama.mcc.ac.uk
with SMTP (PP); Thu, 10 Nov 1994 10:49:13 +0100
Message-Id: <[EMAIL PROTECTED]>
Subject: Re: PROBLEM: delegating volume creation procedures.
To: [EMAIL PROTECTED] (Hugo Andrade Cartaxeiro)
Date: Thu, 10 Nov 1994 10:49:06 +0000 (GMT)
Cc: [EMAIL PROTECTED]
In-Reply-To: <[EMAIL PROTECTED]> from "Hugo Andrade
Cartaxeiro" at Nov 9, 94 12:28:44 pm
Reply-To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED]
X-Mailer: ELM [version 2.4 PL24alpha3]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 1246
> I have a problem related with delegating privileges to a user in a
> single file-server. That user only belong to the UserList on that
> file-server, and doesn't belong to system:administrator group.
>
> That user can create and mount the volume(s) but can't access it
> because the just mounted volume/directory is owned by root, and the
> default acl is system:administrator all.
We have been solving similar problems by using adm. It is available
by anonymous ftp from ftp.andrew.cmu.edu in /pub/adm. The disadvantage
is that you need to do a bit of scheme programming (which is not hard)
and that there is very little documentation. I can provide some example
programs (mine) and some documents others have sent me.
A further disadvantage for those of us working outside the US is that
the pig-headed American export laws do not allow us to be able to compile
adm in such a way that all of its functions work; in particular the
kas functions do not work, so that you cannot delegate the authority
to reset passwords, for example. One wishes that Transarc or someone
could arrange to distribute compiled copies of the adm utility.
I have asked for this before, but not received any response.
-- Owen
[EMAIL PROTECTED]
