Derrick J Brashear <[EMAIL PROTECTED]> writes: > You can have servers with a more limited set of admins.
If they have admin powers on even a single fileserver, can't they steal the KeyFile and wreak havoc? >> Actually, now that I think about it, if all the ptserver instances are >> down, how would an admin be able to aklog (in order to run bos commands)? > -localauth. (but aklog doesn't *require* ptserver; see afslog) But localauth doesn't even require the "bos adduser" list... I guess I'm just wondering if the bos userlist can be eliminated and bosserver/volserver can use system:administrators instead. I'll write up a patch adding an option for this unless there's some reason why this is a Very Bad Idea. - a -- PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380 _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
