pts(1)
NAME
pts - Introduction to the pts command suite
DESCRIPTION
The commands in the pts command suite are the administrative interface
to the Protection Server, which runs on each database server machine in
a cell and maintains the Protection Database. The database stores the
information that AFS uses to augment and refine the standard UNIX
scheme for controlling access to files and directories.
Instead of relying only on the mode bits that define access rights for
individual files, AFS associates an access control list (ACL) with each
directory. The ACL lists users and groups and specifies which of seven
possible access permissions they have for the directory and the files
it contains. (It is still possible to set a directory or file's mode
bits, but AFS interprets them in its own way; see the chapter on
protection in the OpenAFS Administration Guide for details.)
AFS enables users to define groups in the Protection Database and place
them on ACLs to extend a set of rights to multiple users
simultaneously. Groups simplify administration by making it possible
to add someone to many ACLs by adding them to a group that already
exists on those ACLs. Machines can also be members of a group, so that
users logged into the machine automatically inherit the permissions
granted to the group.
There are several categories of commands in the pts command suite:
* Commands to create and remove Protection Database entries: pts
creategroup, pts createuser, and pts delete.
* Commands to administer and display group membership: pts adduser,
pts listowned, pts membership, and pts removeuser.
* Commands to administer and display properties of user and group
entries other than membership: pts chown, pts examine, pts
listentries, pts rename, and pts setfields.
* Commands to set and examine the counters used when assigning IDs to
users and groups: pts listmax and pts setmax.
* Commands to run commands interactively: pts interactive, pts sleep,
and pts quit.
* A command to run commands from a file: pts source.
* Commands to obtain help: pts apropos and pts help.
* A command to display the OpenAFS command suite version: pts
version.
OPTIONS
The following arguments and flags are available on many commands in the
pts suite. The reference page for each command also lists them, but
they are described here in greater detail.
-cell <cell name>
Names the cell in which to run the command. It is acceptable to
abbreviate the cell name to the shortest form that distinguishes it
from the other entries in the /etc/openafs/CellServDB file on the
local machine. If the -cell argument is omitted, the command
interpreter determines the name of the local cell by reading the
following in order:
* The value of the AFSCELL environment variable.
* The local /etc/openafs/ThisCell file.
Do not combine the -cell and -localauth options. A command on
which the -localauth flag is included always runs in the local
cell (as defined in the server machine's local
/etc/openafs/server/ThisCell file), whereas a command on which
the -cell argument is included runs in the specified foreign
cell.
-force
Enables the command to continue executing as far as possible when
errors or other problems occur, rather than halting execution
immediately. Without it, the command halts as soon as the first
error is encountered. In either case, the pts command interpreter
reports errors at the command shell. This flag is especially useful
if the issuer provides many values for a command line argument; if
one of them is invalid, the command interpreter continues on to
process the remaining arguments.
-help
Prints a command's online help message on the standard output
stream. Do not combine this flag with any of the command's other
options; when it is provided, the command interpreter ignores all
other options, and only prints the help message.
-noauth
Establishes an unauthenticated connection to the Protection Server,
in which the server treats the issuer as the unprivileged user
"anonymous". It is useful only when authorization checking is
disabled on the server machine (during the installation of a file
server machine or when the bos setauth command has been used during
other unusual circumstances). In normal circumstances, the
Protection Server allows only privileged users to issue commands
that change the Protection Database, and refuses to perform such an
action even if the -noauth flag is provided.
-encrypt
Establishes an authenticated, encrypted connection to the
Protection Server. It is useful when it is desired to obscure
network traffic related to the transactions being done.
-localauth
Constructs a server ticket using the server encryption key with the
highest key version number in the local /etc/openafs/server/KeyFile
file. The pts command interpreter presents the ticket, which never
expires, to the BOS Server during mutual authentication.
Use this flag only when issuing a command on a server machine;
client machines do not usually have a /etc/openafs/server/KeyFile
file. The issuer of a command that includes this flag must be
logged on to the server machine as the local superuser "root". The
flag is useful for commands invoked by an unattended application
program, such as a process controlled by the UNIX cron utility. It
is also useful if an administrator is unable to authenticate to AFS
but is logged in as the local superuser "root".
Do not combine the -cell and -localauth options. A command on which
the -localauth flag is included always runs in the local cell (as
defined in the server machine's local /etc/openafs/server/ThisCell
file), whereas a command on which the -cell argument is included
runs in the specified foreign cell. Also, do not combine the
-localauth and -noauth flags.
PRIVILEGE REQUIRED
Members of the system:administrators group can issue all pts commands on any entry in the Protection Database. Users who do not belong to the system:administrators group can list information about their own entry and any group entries they own. The privacy flags set with the pts setfields command control access to entries owned by other users.
SEE ALSO
pts_adduser(1), pts_apropos(1), pts_chown(1), pts_creategroup(1), pts_createuser(1), pts_delete(1), pts_examine(1), pts_help(1), pts_interactive(1), pts_listentries(1), pts_listmax(1), pts_listowned(1), pts_membership(1), pts_quit(1), pts_removeuser(1), pts_rename(1), pts_setfields(1), pts_setmax(1), pts_sleep(1), pts_source(1) The OpenAFS Administration Guide at <http://docs.openafs.org/AdminGuide/>.
COPYRIGHT
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved. This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
Opportunity
Personal Opportunity - Free software gives you access to billions of dollars of software at no cost. Use this software for your business, personal use or to develop a profitable skill. Access to source code provides access to a level of capabilities/information that companies protect though copyrights. Open source is a core component of the Internet and it is available to you. Leverage the billions of dollars in resources and capabilities to build a career, establish a business or change the world. The potential is endless for those who understand the opportunity.
Business Opportunity - Goldman Sachs, IBM and countless large corporations are leveraging open source to reduce costs, develop products and increase their bottom lines. Learn what these companies know about open source and how open source can give you the advantage.
Free Software
Free Software provides computer programs and capabilities at no cost but more importantly, it provides the freedom to run, edit, contribute to, and share the software. The importance of free software is a matter of access, not price. Software at no cost is a benefit but ownership rights to the software and source code is far more significant.
Free Office Software - The Libre Office suite provides top desktop productivity tools for free. This includes, a word processor, spreadsheet, presentation engine, drawing and flowcharting, database and math applications. Libre Office is available for Linux or Windows.
Free Books
The Free Books Library is a collection of thousands of the most popular public domain books in an online readable format. The collection includes great classical literature and more recent works where the U.S. copyright has expired. These books are yours to read and use without restrictions.
Source Code - Want to change a program or know how it works? Open Source provides the source code for its programs so that anyone can use, modify or learn how to write those programs themselves. Visit the GNU source code repositories to download the source.
Education
Study at Harvard, Stanford or MIT - Open edX provides free online courses from Harvard, MIT, Columbia, UC Berkeley and other top Universities. Hundreds of courses for almost all major subjects and course levels. Open edx also offers some paid courses and selected certifications.
Linux Manual Pages - A man or manual page is a form of software documentation found on Linux/Unix operating systems. Topics covered include computer programs (including library and system calls), formal standards and conventions, and even abstract concepts.
