Available Permissions
The following Access Control List permissions can be granted:
- Lookup (l)
- allows a user to list the contents of the AFS directory, examine the ACL associated with the directory and access subdirectories.
- Insert (i)
- allows a user to add new files or subdirectories to the directory.
- Delete (d)
- allows a user to remove files and subdirectories from the directory.
- Administer (a)
- allows a user to change the ACL for the directory. Users always have this right on their home directory, even if they accidentally remove themselves from the ACL.
Permissions that affect files and subdirectories include:
- Read (r)
- allows a user to look at the contents of files in a directory and list files in subdirectories. Files that are to be granted read access to any user, including the owner, need to have the standard UNIX "owner read" permission set.
- Write (w)
- allows a user to modify files in a directory. Files that are to be granted write access to any user, including the owner, need to have the standard UNIX "owner write" permission set.
- Lock (k)
- allows the processor to run programs that need to "flock" files in the directory.
Additionally, AFS includes Application ACLs (A)-(H) which have no effect on access to files.
Read more about this topic: Andrew File System