Hrm, I thought that any member of system:administrators could create
pts groups with arbitrary ownership, but it seems that I can't do this
using my "main" principal -- I executed these commands while holding
tokens for [EMAIL PROTECTED] in cell research.cs.berkeley.edu:
$ pts membership system:administrators -cell research.cs.berkeley.edu
Members of system:administrators (id: -204) are:
afsadmin
[EMAIL PROTECTED]
[EMAIL PROTECTED]
$ pts creategroup project.sbp system:administrators -cell
research.cs.berkeley.edu
pts: Permission denied ; unable to create group project.sbp with id 0 owned
by 'system:administrators'
Are there some powers that are withheld from administrators using a
cross-realm pts id? The command succeeds when authenticated as
afsadmin.
- a
--
PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
