Home
Calendar
Map
 Home
 Computing
Library
Search
Office of Information Technology

OIT HomeAbout OITGetting StartedTrouble Tickets
Helpdesk: ECS 020 / 410-455-3838 / Email: helpdesk@umbc.edu

How do I change ACLs for an entire directory tree (like chmod -R)?

Unfortunately, the designers of AFS didn't include a utility to directly do this, however UNIX provides some tools that will give you this functionality, with a few more keystrokes.

To do this, we must use the find command to search an entire directory tree, stopping at each directory and making the ACL change that we require. For example, I wish to give away to the user andy the rights to write into my www/afs directory so that we may collaborate on documentation. If this directory had no subdirectories that I was interested in giving him rights to, I would simply use the command fs setacl www/afs andy write. However, in this situation, there's an entire tree of stuff under there he needs to edit for me, so I need to do a bit more work. The following command line
will do the same as a "chmod -R" would do, and step through the entire tree setting the permissions appropriately:  find www/afs -type d -exec fs setacl {} andy write \;

While obviously, you're directory name and permissions will be different, it's important that the {}'s and the \; at the end of the command line are included, or it will not work correctly.

Owner Commands - Managing Users in an AFS Volume

The following commands must be issued from the command prompt. This means using telnet or SSH to connect to your umbc7 account, where you will enter your username and password.

At the system prompt (umbc{20}%) type: cd /afs/umbc.edu/public/www/deptname

for example: cd /afs/umbc.edu/public/www/oit

You are now in the proper directory to grant access rights.

To add a user to a group, type pts adduser username {owner}:{volume} . Please note that the group (volume) will be created by a system administrator and you (the owner) will be notified of the exact name of the group (volume). There may be occasions when you will need more than one group for each department, especially in the case of a large department, where different people may be working of different sections of the web site.

for example: pts adduser username fritz:oit (where fritz is the owner, and oit is the volume)

To remove a user from group (when they no longer need access), type pts removeuser username {owner}:{volume}

for example: pts removeuser username fritz:business (where fritz is the owner, and business is the volume)

To list users in the grouup, type pts membership {owner}:{volume}

for example: pts membership fritz:business

All of these commands can be done at any time.
Office of Information Technology • Main Office: ECS 125 • Phone: 410-455-3838 • Email: oit@umbc.edu