+++ /dev/null
-<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 3//EN">
-<HTML><HEAD>
-<TITLE>Administration Reference</TITLE>
-<!-- Begin Header Records ========================================== -->
-<!-- /tmp/idwt3190/auarf000.scr converted by idb2h R4.2 (359) ID -->
-<!-- Workbench Version (AIX) on 5 Nov 1999 at 13:58:29 -->
-<META HTTP-EQUIV="updated" CONTENT="Fri, 05 Nov 1999 13:58:29">
-<META HTTP-EQUIV="review" CONTENT="Sun, 05 Nov 2000 13:58:29">
-<META HTTP-EQUIV="expires" CONTENT="Mon, 05 Nov 2001 13:58:29">
-</HEAD><BODY>
-<!-- (C) IBM Corporation 2000. All Rights Reserved -->
-<BODY bgcolor="ffffff">
-<!-- End Header Records ============================================ -->
-<A NAME="Top_Of_Page"></A>
-<H1>Administration Reference</H1>
-<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf134.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auarf136.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
-<P>
-<H2><A NAME="HDRFS_CLEANACL" HREF="auarf002.htm#ToC_149">fs cleanacl</A></H2>
-<A NAME="IDX4746"></A>
-<A NAME="IDX4747"></A>
-<A NAME="IDX4748"></A>
-<A NAME="IDX4749"></A>
-<A NAME="IDX4750"></A>
-<A NAME="IDX4751"></A>
-<A NAME="IDX4752"></A>
-<P><STRONG>Purpose</STRONG>
-<P>Remove obsolete entries from an ACL
-<P><STRONG>Synopsis</STRONG>
-<PRE><B>fs cleanacl </B>[<B>-path</B> <<VAR>dir/file path</VAR>><SUP>+</SUP>] [<B>-help</B>]
-
-<B>fs cl</B> [<B>-p</B> <<VAR>dir/file path</VAR>><SUP>+</SUP>] [<B>-h</B>]
-</PRE>
-<P><STRONG>Description</STRONG>
-<P>The <B>fs cleanacl</B> command removes from the access control list
-(ACL) of each specified directory or file any entry that refers to a user or
-group that no longer has a Protection Database entry. Such an entry
-appears on the ACL as an AFS user ID number (UID) rather than a name, because
-without a Protection Database entry, the File Server cannot translate the UID
-into a name.
-<P>Cleaning access control lists in this way not only keeps them from becoming
-crowded with irrelevant information, but also prevents the new possessor of a
-recycled AFS UID from obtaining access intended for the former possessor of
-the AFS UID. (Note that recycling UIDs is not recommended in any
-case.)
-<P><STRONG>Options</STRONG>
-<DL>
-<P><DT><B>-path
-</B><DD>Names each directory for which to clean the ACL (specifying a filename
-cleans its directory's ACL). If this argument is omitted, the
-current working directory's ACL is cleaned.
-<P>Specify the read/write path to each directory, to avoid the failure that
-results from attempting to change a read-only volume. By convention,
-the read/write path is indicated by placing a period before the cell name at
-the pathname's second level (for example,
-<B>/afs/.abc.com</B>). For further discussion of the
-concept of read/write and read-only paths through the filespace, see the
-<B>fs mkmount</B> reference page.
-<P><DT><B>-help
-</B><DD>Prints the online help for this command. All other valid options
-are ignored.
-</DL>
-<P><STRONG>Output</STRONG>
-<P>If there are no obsolete entries on the ACL, the following message
-appears:
-<PRE> Access list for <VAR>dir/file path</VAR> is fine.
-
-</PRE>
-<P>Otherwise, the output reports the resulting state of the ACL, following the
-header
-<PRE> Access list for <VAR>dir/file path</VAR> is now
-
-</PRE>
-<P>At the same time, the following error message appears for each file in the
-cleaned directories:
-<PRE> fs: '<VAR>filename</VAR>': Not a directory
-
-</PRE>
-<P><STRONG>Examples</STRONG>
-<P>The following example illustrates the cleaning of the ACLs on the current
-working directory and two of its subdirectories. Only the second
-subdirectory had obsolete entries on it.
-<PRE> % <B>fs cleanacl -path . ./reports ./sources</B>
- Access list for . is fine.
- Access list for ./reports is fine.
- Access list for ./sources is now
- Normal rights:
- system:authuser rl
- pat rlidwka
-
-</PRE>
-<P><STRONG>Privilege Required</STRONG>
-<P>The issuer must have the <B>a</B> (<B>administer</B>) permission on
-each directory's ACL (or the ACL of each file's parent
-directory); the directory's owner and the members of the
-<B>system:administrators</B> group have the right implicitly, even
-if it does not appear on the ACL.
-<P><STRONG>Related Information</STRONG>
-<P><A HREF="auarf148.htm#HDRFS_LISTACL">fs listacl</A>
-<P><A HREF="auarf153.htm#HDRFS_MKMOUNT">fs mkmount</A>
-<P>
-<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf134.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auarf136.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
-<!-- Begin Footer Records ========================================== -->
-<P><HR><B>
-<br>© <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A> All Rights Reserved
-</B>
-<!-- End Footer Records ============================================ -->
-<A NAME="Bot_Of_Page"></A>
-</BODY></HTML>