On Tue, 5 Jun 2007, Adam Megacz wrote:
I understand why all of the bos operations are checked against a separate authorization list (bos adduser) rather than membership in system:administrators -- the ptserver might be down and you need to use bos to get it back up. However, it seems that the volserver bases "vos dump" permission on whether or not a user's key is in the "bos adduser" list rather than whether or not they are in system:administrators. Is there a reason for this?
You can have servers with a more limited set of admins.
Actually, now that I think about it, if all the ptserver instances are down, how would an admin be able to aklog (in order to run bos commands)?
-localauth. (but aklog doesn't *require* ptserver; see afslog) _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
