HCoop Git - hcoop/zz_old/ikiwiki/blob - MemberManual/GettingStarted/AfsExamples.mdwn

   1 #pragma section-numbers off
   2
   3 This page contains some examples on how to solve common problems with AFS.
   4
   5 [[TableOfContents]]
   6
   7 == Making a directory private ==
   8
   9 If you wish to make a directory within your $HOME completely private so that only you can list, read, and write, do this:
  10
  11 {{{
  12 mkdir ~/private
  13 fs setacl -clear ~/private <USERNAME> all
  14 }}}
  15
  16 Note that the {{{-clear}}} option causes any previously set ACLs to be removed.  The {{{<USERNAME> all}}} part sets full access to the directory's contents to the specified user.  Therefore, if you have a directory in your home directory that you wish to make only accessible to you (such as {{{~/.ssh}}} or {{{~/documents}}}), use:
  17
  18 {{{fs setacl -clear ~/<DIRECTORY> <USERNAME> all}}}.
  19
  20 == Serving a website with added privacy ==
  21
  22 If you use domtool to set up your domain, there is a way to allow {{{system:anyuser}}} only to list the contents of public_html without breaking your website(s).  By default ACLs '''R''' and '''L''' are given.  Change that in this way:
  23
  24 {{{
  25 fs setacl ~/public_html system:anyuser l
  26 }}}
  27
  28 Now, add all permissions for the ''USER.daemon'' principle:
  29
  30 {{{
  31 fs setacl ~/public_html <USERNAME>.daemon all
  32 }}}
  33
  34 Be aware that this only works if you use your own domain -- if you use {{{http://deleuze.hcoop.net/~USERNAME}}} to serve your files, then you '''must''' be sure that {{{system:anyuser}}} can read {{{~/public_html}}} and its subdirectories.
  35
  36 == Setting the rights permissions on your ~/.domtool directory ==
  37
  38 {{{
  39 fs setacl ~/.domtool domtool read
  40 }}}