ee25310d |
1 | #pragma section-numbers off\r |
2 | \r |
3 | This page contains some examples on how to solve common problems with AFS.\r |
4 | \r |
5 | [[TableOfContents]]\r |
6 | \r |
7 | == Making a directory private ==\r |
8 | \r |
9 | If you wish to make a directory within your $HOME completely private so that only you can list, read, and write, do this:\r |
10 | \r |
11 | {{{\r |
12 | mkdir ~/private\r |
13 | fs setacl -clear ~/private <USERNAME> all\r |
14 | }}}\r |
15 | \r |
16 | Note that the {{{-clear}}} option causes any previously set ACLs to be removed. The {{{<USERNAME> all}}} part sets full access to the directory's contents to the specified user. Therefore, if you have a directory in your home directory that you wish to make only accessible to you (such as {{{~/.ssh}}} or {{{~/documents}}}), use:\r |
17 | \r |
18 | {{{fs setacl -clear ~/<DIRECTORY> <USERNAME> all}}}.\r |
19 | \r |
20 | == Serving a website with added privacy ==\r |
21 | \r |
22 | If you use domtool to set up your domain, there is a way to allow {{{system:anyuser}}} only to list the contents of public_html without breaking your website(s). By default ACLs '''R''' and '''L''' are given. Change that in this way: \r |
23 | \r |
24 | {{{\r |
25 | fs setacl ~/public_html system:anyuser l\r |
26 | }}}\r |
27 | \r |
28 | Now, add all permissions for the ''USER.daemon'' principle:\r |
29 | \r |
30 | {{{\r |
31 | fs setacl ~/public_html <USERNAME>.daemon all\r |
32 | }}}\r |
33 | \r |
34 | Be aware that this only works if you use your own domain -- if you use {{{http://deleuze.hcoop.net/~USERNAME}}} to serve your files, then you '''must''' be sure that {{{system:anyuser}}} can read {{{~/public_html}}} and its subdirectories.\r |
35 | \r |
36 | == Setting the rights permissions on your ~/.domtool directory ==\r |
37 | \r |
38 | {{{\r |
39 | fs setacl ~/.domtool domtool read\r |
40 | }}}\r |