[OpenAFS] IP ACLs in 1.4
Jeffrey Hutzelman
jhutz@cmu.edu
Wed, 14 Sep 2005 17:19:14 -0400
On Wednesday, September 14, 2005 02:46:53 PM -0500 Brian Sebby
<sebby@anl.gov> wrote:
> I don't know if this has already been addressed, is being addressed, or
> not, but I was wondering if there will be any changes to OpenAFS 1.4 to
> either make IP ACLs take effect immediately, or if a command could be
> added to force the file server to update its IP ACLs.
>
> Right now the workaround is to move the volume if you want the ACLs to
> take effect immediately, but this isn't easy for big volumes.
>
> And yes, I know they're horrible and I'm a bad person for using them, but
> they've made a few problems much easier to solve.
There will be no new changes in 1.4 in this area. However, with a new
enough fileserver, there is a FlushCPS RPC you can call to make the
fileserver discard its cached rights for a particular set of IP addresses.
Be careful, though -- if the fileserver is not new enough, calling this RPC
may cause it to crash.
-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
Sr. Research Systems Programmer
School of Computer Science - Research Computing Facility
Carnegie Mellon University - Pittsburgh, PA