Commit | Line | Data |
---|---|---|
805e021f CE |
1 | =head1 NAME |
2 | ||
3 | uss_delete - Deletes a user account (deprecated) | |
4 | ||
5 | =head1 SYNOPSIS | |
6 | ||
7 | =for html | |
8 | <div class="synopsis"> | |
9 | ||
10 | B<uss delete> S<<< B<-user> <I<login name>> >>> | |
11 | S<<< [B<-mountpoint> <I<mountpoint for user's volume>>] >>> | |
12 | [B<-savevolume>] [B<-verbose>] S<<< [B<-cell> <I<cell name>>] >>> | |
13 | S<<< [B<-admin> <I<administrator to authenticate>>] >>> [B<-dryrun>] | |
14 | [B<-skipauth>] [B<-help>] | |
15 | ||
16 | B<uss d> S<<< B<-u> <I<login name>> >>> S<<< [B<-m> <I<mountpoint for user's volume>>] >>> | |
17 | [B<-sa>] [B<-v>] S<<< [B<-c> <I<cell name>>] >>> | |
18 | S<<< [B<-a> <I<administrator to authenticate>>] >>> [B<-d>] [B<-sk>] [B<-h>] | |
19 | ||
20 | =for html | |
21 | </div> | |
22 | ||
23 | =head1 CAUTIONS | |
24 | ||
25 | The B<uss> command suite is currently designed for cells using the | |
26 | obsolete Authentication Server, and therefore is primarily useful for | |
27 | sites that have not yet migrated to a Kerberos version 5 KDC. The | |
28 | Authentication Server and supporting commands will be removed in a future | |
29 | version of OpenAFS, which may include B<uss> unless someone who finds it | |
30 | useful converts it to work with a Kerberos version 5 KDC. | |
31 | ||
32 | =head1 DESCRIPTION | |
33 | ||
34 | The B<uss delete> command removes the Authentication Database and | |
35 | Protection Database entries for the user named by B<-user> argument. In | |
36 | addition, it can remove the user's home volume and associated VLDB entry, | |
37 | a mount point for the volume or both, depending on whether the | |
38 | B<-mountpoint> and B<-savevolume> options are provided. | |
39 | ||
40 | =over 4 | |
41 | ||
42 | =item * | |
43 | ||
44 | To remove both the volume and mount point, use the B<-mountpoint> argument | |
45 | to name the user's home directory. It is best to create a tape backup of a | |
46 | volume before deleting it. Note that other mount points for the volume are | |
47 | not removed, if they exist. | |
48 | ||
49 | =item * | |
50 | ||
51 | To remove the mount point only, provide both the B<-mountpoint> and | |
52 | B<-savevolume> options. | |
53 | ||
54 | =item * | |
55 | ||
56 | To preserve both the volume and mount point, omit the B<-mountpoint> | |
57 | argument (or both it and the B<-savevolume> flag). | |
58 | ||
59 | =back | |
60 | ||
61 | =head1 OPTIONS | |
62 | ||
63 | =over 4 | |
64 | ||
65 | =item B<-user> <I<login name>> | |
66 | ||
67 | Names the entry to delete from the Protection and Authentication | |
68 | Databases. | |
69 | ||
70 | =item B<-mountpoint> <I<mountpoint for the user's volume>> | |
71 | ||
72 | Specifies the pathname to the user's home directory, which is deleted from | |
73 | the filespace. By default, the volume referenced by the mount point is | |
74 | also removed from the file server machine that houses it, along with its | |
75 | Volume Location Database (VLDB) entry. To retain the volume and VLDB | |
76 | entry, include the B<-savevolume> flag. Partial pathnames are interpreted | |
77 | relative to the current working directory. | |
78 | ||
79 | Specify the read/write path to the mount point, to avoid the failure that | |
80 | results from attempting to remove a mount point from a read-only | |
81 | volume. By convention, the read/write path is indicated by placing a | |
82 | period before the cell name at the pathname's second level (for example, | |
83 | F</afs/.example.com>). For further discussion of the concept of read/write and | |
84 | read-only paths through the filespace, see the B<fs mkmount> reference | |
85 | page. | |
86 | ||
87 | =item B<-savevolume> | |
88 | ||
89 | Preserves the user's volume and VLDB entry. | |
90 | ||
91 | =item B<-verbose> | |
92 | ||
93 | Produces on the standard output stream a detailed trace of the command's | |
94 | execution. If this argument is omitted, only warnings and error messages | |
95 | appear. | |
96 | ||
97 | =item B<-cell> <I<cell name>> | |
98 | ||
99 | Specifies the cell in which to run the command. For more details, see | |
100 | L<uss(8)>. | |
101 | ||
102 | =item B<-admin> <I<administrator to authenticate>> | |
103 | ||
104 | Specifies the AFS user name under which to establish authenticated | |
105 | connections to the AFS server processes that maintain the various | |
106 | components of a user account. For more details, see L<uss(8)>. | |
107 | ||
108 | =item B<-dryrun> | |
109 | ||
110 | Reports actions that the command interpreter needs to perform while | |
111 | executing the command, without actually performing them. For more details, | |
112 | see L<uss(8)>. | |
113 | ||
114 | =item B<-skipauth> | |
115 | ||
116 | Prevents authentication with the AFS Authentication Server, allowing a | |
117 | site using Kerberos to substitute that form of authentication. | |
118 | ||
119 | =item B<-help> | |
120 | ||
121 | Prints the online help for this command. All other valid options are | |
122 | ignored. | |
123 | ||
124 | =back | |
125 | ||
126 | =head1 EXAMPLES | |
127 | ||
128 | The following command removes smith's user account from the C<example.com> | |
129 | cell. The B<-savevolume> argument retains the C<user.smith> volume on its | |
130 | file server machine. | |
131 | ||
132 | % uss delete smith -mountpoint /afs/example.com/usr/smith -savevolume | |
133 | ||
134 | =head1 PRIVILEGE REQUIRED | |
135 | ||
136 | The issuer (or the user named by B<-admin> argument) must belong to the | |
137 | system:administrators group in the Protection Database, must have the | |
138 | C<ADMIN> flag turned on in his or her Authentication Database entry, and | |
139 | must have at least C<a> (administer) and C<d> (delete) permissions on the | |
140 | access control list (ACL) of the mount point's parent directory. If the | |
141 | B<-savevolume> flag is not included, the issuer must also be listed in the | |
142 | F</usr/afs/etc/UserList> file. | |
143 | ||
144 | =head1 SEE ALSO | |
145 | ||
146 | L<UserList(5)>, | |
147 | L<fs_mkmount(1)>, | |
148 | L<uss(8)> | |
149 | ||
150 | =head1 COPYRIGHT | |
151 | ||
152 | IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved. | |
153 | ||
154 | This documentation is covered by the IBM Public License Version 1.0. It was | |
155 | converted from HTML to POD by software written by Chas Williams and Russ | |
156 | Allbery, based on work by Alf Wachsmann and Elizabeth Cassell. |