Andrew File System (afs): The UNIX File System

Introduction

The Andrew File System (afs) is the name of the file system that is used by the UNIX operating system on our machines. There are many commands that affect the files and directories that are available to UNIX users.

This tutorial will not teach you every afs command that you will ever need to know. Rather, the goal is to introduce you to some of the most useful commands for manipulating files and directories in UNIX. See more info for more suggestions.

Objectives

Use fs to view and set the permissions for directories.
Use pts to create and manage afs permissions groups.
Learn where to go for more assistance.

Topics

View the access permissions for your home directory. (5 minutes)
Change the access permissions for your home directory. (5 minutes)
Create a new afs group that can be used for controlling access to files. (10 minutes)

Overview

In this tutorial you will learn the purpose of each of the commands listed above and how to use them.

View and change the access permissions for a directory.

Practice Exercise #1: View current directory permissions

Open an xterm window if necessary.
At the command-line prompt, type mkdir tempdir and press Enter. You have now created an empty directory with the same permissions as the parent directory of the directory created.
Type cd tempdir to change to the directory that you just created.
Type fs la . to list the acls (access list) for the current directory. Note: the period [.] in the command shown refers to the current working directory.

Your permissions should look something like this:

system:administrators rlidwka system:anyuser rl deppeler:rlidwka

Of course, your CS login should be listed instead of deppeler.

Change the usage permissions for any of your files.

Practice Exercise #2: Set current directory permissions

Type fs sa . CSlogin write to allow the user with the CS login name CSlogin to create and edit files in this directory. Note: This is not a good idea to do unless you want that user to be able to create and edit files in this directory.

Your permissions should look something like this if you are intending to give the user with the CS login name "smoler" the ability to read and write files in this directory:

system:administrators rlidwka system:anyuser rl deppeler:rlidwka login:rlidwk

The possible permissions are as follows:

r - to give the user read permissions only
l - to give the user list permissions only
i - to give the user insert permissions only
d - to give the user delete permissions only
w - to give the user write permissions only
k - to give the user kill permissions only
a - to give the user admin permissions only
read - to give the user read and list permissions
write - to give the user read, list, insert, delete, write, kill
all - to give the user read, list, insert, delete, write, kill, admin

Create a new afs group that can be used for controlling access to files.

Practice Exercise #3: Create a users group for controlling access.

Type pts creategroup deppeler:cs367_A0 to create a new users group that is owned by "deppeler". You may only create groups for yourself. So, replace "deppeler" with your CS login name. Choose a name for your permissions group that will be easy to remember later on, but that is not too long. Choosing a name that reflects the course and the project that you will be working on with this group of users is usually a good start. In the example below, I chose cs367_A0 to indicate any users that will need to be able to create and edit assignment 0 files for the course cs367.

Your xterm should look something like this if you create the cs367_a0 group as described above:

Type fs sa . deppeler:cs367_ao write to assign write permissions to all members of the newly created group.
Type fs la . to list the acls again to see the results:

Your xterm should look something like this:

Type pts adduser smoler deppeler:cs367_a0 to add the user named "smoler" to the newly created group.
Type pts membership deppeler:cs367_a0 to see the list of all users in this access group.

Your xterm should look something like this:

Members of deppeler:cs367_a0 (id:-63860) are: smoler

Type pts removeuser smoler deppeler:cs367_a0 to remove the user named "smoler" from the group.
Type pts delete deppeler:cs367_a0 to remove the group when it is no longer necessary.
Type pts help to see a list of other commands that can be performed with the pts command.

Summary

In this lesson you have learned how to use the fs and pts commands of the UNIX environment.

Vocabulary

Directory Permissions

A set of rules that indicate which users can read, list, delete, etc files in the specified directory.

File

A collection of bytes of data.

File Permissions

A set of rules that indicate what the owner, user group and other users can do with a specific file.

Group

AFS permission groups can be created by any AFS user. Once a group is created directory permissions can be assigned to the group. This is much more convenient than specifying the same directory permissions for several users.

Where to Get More Information

Type man fs at a command-line prompt for even more information about the fs command line options.
You should also view the CSL pages: CSL Howto for AFS. There is a very useful Quick Reference list of afs commands.