EnglishFrenchSpanish

Run servers | Ubuntu > | Fedora > |


OnWorks favicon

fs_setcell - Online in the Cloud

Run fs_setcell in OnWorks free hosting provider over Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

This is the command fs_setcell that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator

PROGRAM:

NAME


fs_setcell - Configures permissions for setuid programs from specified cells

SYNOPSIS


fs setcell -cell <cell name>+ [-suid] [-nosuid] [-help]

fs setce -c <cell name>+ [-s] [-n] [-h]

DESCRIPTION


The fs setcell command sets whether the Cache Manager allows programs (and other
executable files) from each cell named by the -cell argument to run with setuid
permission. By default, the Cache Manager allows programs from its home cell to run with
setuid permission, but not programs from any foreign cells. A program belongs to the same
cell as the file server machine that houses the volume in which the program's binary file
resides, as specified in the file server machine's /etc/openafs/server/ThisCell file. The
Cache Manager determines its own home cell by reading the /etc/openafs/ThisCell file at
initialization.

To enable programs from each specified cell to run with setuid permission, include the
-suid flag. To prohibit programs from running with setuid permission, include the -nosuid
flag, or omit both flags.

The fs setcell command directly alters a cell's setuid status as recorded in kernel
memory, so rebooting the machine is unnecessary. However, non-default settings do not
persist across reboots of the machine unless the appropriate fs setcell command appears in
the machine's AFS initialization file.

To display a cell's setuid status, issue the fs getcellstatus command.

CAUTIONS


AFS does not recognize effective UID: if a setuid program accesses AFS files and
directories, it does so using the current AFS identity of the AFS user who initialized the
program, not of the program's owner. Only the local file system recognizes effective UID.

Only members of the system:administrators group can turn on the setuid mode bit on an AFS
file or directory.

When the setuid mode bit is turned on, the UNIX "ls -l" command displays the third user
mode bit as an "s" instead of an "x". However, the "s" does not appear on an AFS file or
directory unless setuid permission is enabled for the cell in which the file resides.

OPTIONS


-cell <cell name>+
Names each cell for which to set setuid status. Provide the fully qualified domain
name, or a shortened form that disambiguates it from the other cells listed in the
local /etc/openafs/CellServDB file.

-suid
Allows programs from each specified cell to run with setuid privilege. Provide it or
the -nosuid flag, or omit both flags to disallow programs from running with setuid
privilege.

-nosuid
Prevents programs from each specified cell from running with setuid privilege. Provide
it or the -suid flag, or omit both flags to disallow programs form running with setuid
privilege.

-help
Prints the online help for this command. All other valid options are ignored.

EXAMPLES


The following command enables executable files from the State University cell to run with
setuid privilege on the local machine:

% fs setcell -cell stateu.edu -suid

PRIVILEGE REQUIRED


The issuer must be logged in as the local superuser root.

Use fs_setcell online using onworks.net services


Ad


Ad