+++ /dev/null
-<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4//EN">
-<HTML><HEAD>
-<TITLE>Administration Reference</TITLE>
-<!-- Begin Header Records ========================================== -->
-<!-- /tmp/idwt3672/auarf000.scr converted by idb2h R4.2 (359) ID -->
-<!-- Workbench Version (AIX) on 3 Oct 2000 at 16:18:30 -->
-<META HTTP-EQUIV="updated" CONTENT="Tue, 03 Oct 2000 16:18:29">
-<META HTTP-EQUIV="review" CONTENT="Wed, 03 Oct 2001 16:18:29">
-<META HTTP-EQUIV="expires" CONTENT="Thu, 03 Oct 2002 16:18:29">
-</HEAD><BODY>
-<!-- (C) IBM Corporation 2000. All Rights Reserved -->
-<BODY bgcolor="ffffff">
-<!-- End Header Records ============================================ -->
-<A NAME="Top_Of_Page"></A>
-<H1>Administration Reference</H1>
-<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf213.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auarf215.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
-<P>
-<H2><A NAME="HDRPTS_CREATEGROUP" HREF="auarf002.htm#ToC_228">pts creategroup</A></H2>
-<A NAME="IDX5252"></A>
-<A NAME="IDX5253"></A>
-<A NAME="IDX5254"></A>
-<A NAME="IDX5255"></A>
-<A NAME="IDX5256"></A>
-<A NAME="IDX5257"></A>
-<A NAME="IDX5258"></A>
-<A NAME="IDX5259"></A>
-<A NAME="IDX5260"></A>
-<A NAME="IDX5261"></A>
-<A NAME="IDX5262"></A>
-<A NAME="IDX5263"></A>
-<A NAME="IDX5264"></A>
-<A NAME="IDX5265"></A>
-<A NAME="IDX5266"></A>
-<A NAME="IDX5267"></A>
-<A NAME="IDX5268"></A>
-<A NAME="IDX5269"></A>
-<A NAME="IDX5270"></A>
-<A NAME="IDX5271"></A>
-<A NAME="IDX5272"></A>
-<A NAME="IDX5273"></A>
-<P><STRONG>Purpose</STRONG>
-<P>Creates an (empty) Protection Database group entry
-<P><STRONG>Synopsis</STRONG>
-<PRE><B>pts creategroup -name</B> <<VAR>group name</VAR>><SUP>+</SUP> [<B>-owner</B> <<VAR>owner of the group</VAR>>]
- [<B>-id</B> <<VAR>id (negated) for the group</VAR>><SUP>+</SUP>] [<B>-cell</B> <<VAR>cell name</VAR>>]
- [<B>-noauth</B>] [<B>-force</B>] [<B>-help</B>]
-
-<B>pts createg -na</B> <<VAR>group name</VAR>><SUP>+</SUP> [<B>-o</B> <<VAR>owner of the group</VAR>>]
- [<B>-i</B> <<VAR>id (negated) for the group</VAR>><SUP>+</SUP>] [<B>-c</B> <<VAR>cell name</VAR>>]
- [<B>-no</B>] [<B>-f</B>] [<B>-h</B>]
-
-<B>pts cg -na</B> <<VAR>group name</VAR>><SUP>+</SUP> [<B>-o</B> <<VAR>owner of the group</VAR>>]
- [<B>-i</B> <<VAR>id (negated) for the group</VAR>><SUP>+</SUP>]
- [<B>-c</B> <<VAR>cell name</VAR>>] [<B>-no</B>] [<B>-f</B>] [<B>-h</B>]
-</PRE>
-<P><STRONG>Description</STRONG>
-<P>The <B>pts creategroup</B> command creates an entry in the Protection
-Database for each group specified by the <B>-name</B> argument. The
-entry records the issuer of the command as the group's creator, and as
-the group's owner unless the <B>-owner</B> argument names an
-alternate user or group as the owner.
-<P>There are two types of groups:
-<UL>
-<P><LI><I>regular</I>, the names of which have two parts separated by a
-colon. The part before the colon names the group's owner.
-Any user can create such groups.
-<P><LI><I>prefix-less</I>, which do not have an owner prefix. Only
-members of the <B>system:administrators</B> group can create
-prefix-less groups.
-</UL>
-<P>Creating a group lowers the issuer's group-creation quota by
-one. This is true even if the <B>-owner</B> argument is used to
-assign ownership to an alternate user or group. To display a
-user's group-creation quota, use the <B>pts examine</B> command;
-to set it, use the <B>pts setfields</B> command.
-<P>AFS group ID (AFS GID) numbers are negative integers and by default the
-Protection Server assigns a GID that is one less (more negative) than the
-current value of the <TT>max group id</TT> counter in the Protection
-Database, decrementing the counter by one for each group. Members of
-the <B>system:administrators</B> group can use the <B>-id</B>
-argument to assign specific AFS GID numbers. If any of the specified
-GIDs is lower (more negative) than the current value of the <TT>max group
-id</TT> counter, the counter is reset to that value. It is acceptable
-to specify a GID greater (less negative) than the current value of the
-counter, but the creation operation fails if an existing group already has
-it. To display or set the value of the <TT>max group id</TT> counter,
-use the <B>pts listmax</B> or <B>pts setmax</B> command,
-respectively.
-<P><STRONG>Output</STRONG>
-<P>The command generates the following string to confirm creation of each
-group:
-<PRE> group <VAR>name</VAR> has id <VAR>AFS GID</VAR>
-
-</PRE>
-<P><STRONG>Cautions</STRONG>
-<P>Although using the <B>-owner</B> argument to designate a machine entry
-as a group's owner does not generate an error, it is not
-recommended. The Protection Server does not extend the usual privileges
-of group ownership to users logged onto the machine.
-<P><STRONG>Options</STRONG>
-<DL>
-<P><DT><B>-name
-</B><DD>Specifies the name of each group to create. Provide a string of up
-to 63 characters, which can include lowercase (but not uppercase) letters,
-numbers, and punctuation marks. A regular name includes a single colon
-(<B>:</B>) to separate the two parts of the name; the colon
-cannot appear in a prefix-less group name.
-<P>A regular group's name must have the following format:
-<PRE> <VAR>owner_name</VAR><B>:</B><VAR>group_name</VAR>
-
-</PRE>
-<P>and the <VAR>owner_name</VAR> field must reflect the actual owner of the
-group, as follows:
-<UL>
-<P><LI>If the optional <B>-owner</B> argument is not included, the field must
-match the AFS username under which the issuer is currently
-authenticated.
-<P><LI>If the <B>-owner</B> argument names an alternate AFS user, the field
-must match that AFS username.
-<P><LI>If the <B>-owner</B> argument names another regular group, the field
-must match the owning group's owner field (the part of its name before
-the colon). If the <B>-owner</B> argument names a prefix-less
-group, the field must match the owning group's complete name.
-</UL>
-<P><DT><B>-owner
-</B><DD>Specifies a user or group as the owner for each group, rather than the
-issuer of the command. Provide either an AFS username or the name of a
-regular or prefix-less group. An owning group must already have at
-least one member. This requirement prevents assignment of
-self-ownership to a group during its creation; use the <B>pts
-chown</B> command after issuing this command, if desired.
-<P><DT><B>-id
-</B><DD>Specifies a negative integer AFS GID number for each group, rather than
-allowing the Protection Server to assign it. Precede the integer with a
-hyphen (<B>-</B>) to indicate that it is negative.
-<P>If this argument is used and the <B>-name</B> argument names multiple
-new groups, it is best to provide an equivalent number of AFS GIDs. The
-first GID is assigned to the first group, the second to the second group, and
-so on. If there are fewer GIDs than groups, the Protection Server
-assigns GIDs to the unmatched groups based on the <TT>max group id</TT>
-counter. If there are more GIDs than groups, the excess GIDs are
-ignored. If any of the GIDs is lower (more negative) than the current
-value of the <TT>max group id</TT> counter, the counter is reset to that
-value.
-<P><DT><B>-cell
-</B><DD>Names the cell in which to run the command. For more details, see
-the introductory <B>pts</B> reference page.
-<P><DT><B>-noauth
-</B><DD>Assigns the unprivileged identity <B>anonymous</B> to the
-issuer. For more details, see the introductory <B>pts</B> reference
-page.
-<P><DT><B>-force
-</B><DD>Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first
-error.
-<P><DT><B>-help
-</B><DD>Prints the online help for this command. All other valid options
-are ignored.
-</DL>
-<P><STRONG>Examples</STRONG>
-<P>In the following example, the user <B>pat</B> creates groups called
-<B>pat:friends</B> and <B>pat:colleagues</B>.
-<PRE> % <B>pts creategroup -name pat:friends pat:colleagues</B>
-
-</PRE>
-<P>The following example shows a member of the
-<B>system:administrators</B> group creating the prefix-less group
-<B>staff</B> and assigning its ownership to the
-<B>system:administrators</B> group rather than to herself.
-<PRE> % <B>pts creategroup -name staff -owner system:administrators</B>
-
-</PRE>
-<P>In the following example, the user <B>pat</B> creates a group called
-<B>smith:team-members</B>, which is allowed because the
-<B>-owner</B> argument specifies the required value
-(<B>smith</B>).
-<PRE> % <B>pts creategroup -name smith:team-members -owner smith</B>
-
-</PRE>
-<P><STRONG>Privilege Required</STRONG>
-<P>The issuer must belong to the <B>system:administrators</B> group
-to create prefix-less groups or include the <B>-id</B> argument.
-<P>To create a regular group, the issuer must
-<UL>
-<P><LI>Be authenticated. The command fails if the <B>-noauth</B> flag
-is provided.
-<P><LI>Have a group-creation quota greater than zero. The <B>pts
-examine</B> command displays this quota.
-</UL>
-<P><STRONG>Related Information</STRONG>
-<P><A HREF="auarf210.htm#HDRPTS_INTRO">pts</A>
-<P><A HREF="auarf217.htm#HDRPTS_EXAMINE">pts examine</A>
-<P><A HREF="auarf220.htm#HDRPTS_LISTMAX">pts listmax</A>
-<P><A HREF="auarf225.htm#HDRPTS_SETFIELDS">pts setfields</A>
-<P><A HREF="auarf226.htm#HDRPTS_SETMAX">pts setmax</A>
-<P>
-<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf213.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auarf215.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
-<!-- Begin Footer Records ========================================== -->
-<P><HR><B>
-<br>© <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A> All Rights Reserved
-</B>
-<!-- End Footer Records ============================================ -->
-<A NAME="Bot_Of_Page"></A>
-</BODY></HTML>
git://git.openafs.org / openafs.git / blobdiff