This page contains some examples on how to solve common problems with AFS.

TableOfContents

Making a directory private

If you wish to make a directory within your $HOME completely private so that only you can list, read, and write, do this:

mkdir ~/private
fs setacl -clear ~/private <USERNAME> all

Note that the -clear option causes any previously set ACLs to be removed. The <USERNAME> all part sets full access to the directory's contents to the specified user. Therefore, if you have a directory in your home directory that you wish to make only accessible to you (such as ~/.ssh or ~/documents), use:

fs setacl -clear ~/<DIRECTORY> <USERNAME> all

There is also a way to recursively set ACLs throughout a tree by using fsr. It takes the same commands as fs.

Serving a website with added privacy

If you use domtool to set up your domain, there is a way to allow system:anyuser only to list the contents of public_html without breaking your website(s). By default ACLs R and L are given. Change that in this way:

fs setacl ~/public_html system:anyuser l

Now, add all permissions for the USER.daemon principle:

fs setacl ~/public_html <USERNAME>.daemon all

Be aware that this only works if you use your own domain -- if you use http://deleuze.hcoop.net/~USERNAME to serve your files, then you must be sure that system:anyuser can read ~/public_html and its subdirectories.

Setting the rights permissions on your ~/.domtool directory

fs setacl ~/.domtool domtool read
fs setacl ~/.domtool domtool.deleuze read