Skip to content Accesskey=4Skip to sub-navigation Accesskey=3View our Accessibility Options MIT Information Services and Technology Home About IS&T Contact IS&T Site Map Search Advanced Search
Getting StartedGetting Services by Topic or Alphabetically Getting Help

On This Page

moira

blanche

kinit

kdestroy

klist

attach

detach

add

fs

 

Home

 

 


Athena Commands/Windows Equivalents

 

Moira

Maintain information stored in Moira, the Athena Service Management System database. Brought up by any of the following: moira, listmaint, usermaint, dcmmaint

Synopsis
moira [ -nomenu | -menu ] [ -db host:port ]

Description
Moira administers all of the information stored in Moira, the Athena Service Management System database. When invoked by the name listmaint, usermaint, or dcmmaint, moira will
immediately drop into the appropriate sub-menu.

If a database is specified on the command line, that server will be contacted rather than the compiled-in default. The host and port may both be symbolic names or numbers. If the
port is not specified, the default Moira server port will be used. The server chosen will be the one specified on the command line, from the environment variable MOIRASERVER,
from the "moira" sloc entry in hesiod, or the compiled in default, in that order of preference.

Options
-nomenu
will cause moira to not take over the screen. With this option specified, the screen will be handled like a printing terminal. Each menu will be displayed only once. Typing '?' will cause a menu to be redisplayed.

When called without options, moira displays a menu in the top half of the screen listing other menus; retrievals, appends, updates, or deletes to the database; or control
actions within the program. Each menu consists of several lines containing a single character (usually a numeral), a keyword, and a short description. Menu items may be
selected by either the single character or the keyword. Needed arguments may be put on the same line - otherwise, they will be prompted for. It is possible to invoke an option from a sub-menu by name while at a higher menu. The lower half of the screen is a dialogue area used to prompt the user and display retrieved information.

The top level menu just lists other menus for each of the types of objects stored in the database. Most menus also list the following control options:

verbose
Toggle the verbosity of delete. This controls whether or not an extra confirmation will be required before deleting data from the database.

[Back to top]

Blanche

Examine and modify memberships in Moira lists

Synopsis
blanche listname [options]

Description
Blanche is a tool for maintaining the membership of Moira lists. It is more limited than the menu-oriented listmaint, but has a more traditional unix user interface which makes it easier to use in scripts. It can also read a set of list members from a file and synchronize the list in Moira to that file.

Whenever a member is specified, it may be specified explicitly, as user:username, list:listname, string:string_text, or kerberos:principal_name; or the type may be left off if the member name is non ambiguous. A member having punctuation characters (such as at-sign) in it is immediately assumed to be a string. Otherwise, blanche will try first as a user, and if that fails will try the member as a list, and finally fall back to string if both of those fail.

The default output mode is similar, in that usernames are displayed without any identifying type, lists are always
displayed as list:listname, and strings will only be labeled as a string if they do not have any punctuation characters in them. Kerberos members will always have the type displayed.

Options
-add member or -a member
This will add the specified member to the target list. This option may be specified multiple times with different members on the same command line.

-delete member or -d member
This will delete the specified member from the target list. This option may be specified multiple times with
different members on the same command line.

-file filename or -f filename
This will read a list of members from the named file, and make those members be the membership of the target list. It will do this by extracting the current membership of the target list from Moira, then diff these two sets of members, and determine who has to be added and deleted from the list so it will match the contents of the file.

-info or -i
Display other information about the target list besides the membership. This includes the description, flags, mail list and group status, owner, and last modification.

-addlist filename or -al filename
This will read a list of members from the named file, and add those members to the target list. The file format is specified above.

-deletelist filename or -dl filename
This will read a list of members from the named file, and delete those members from the target list. The file format is specified above.

-members or -m
Display the membership of the target list. This is the default if no other options are specified.

-users or -u
Only display list members that are users (not lists or strings). If none of -users, -lists, -strings, or -kerberos is specified, then all of them will be displayed.

-lists or -l
Only display list members that are lists (not users or strings). If none of -users, -lists, -strings, or -kerberos is specified, then all of them will be displayed.

-strings or -s
Only display list members that are strings (not users or lists). If none of -users, -lists, -strings, or -kerberos is specified, then all of them will be displayed.

-kerberos or -k
Only display list members that are Kerberos principals (not users, lists, or strings). If none of -users, -lists, -strings, or -kerberos is specified, then all of them will be displayed.

-recursive or -r
When displaying the membership of the target list, recursively track down all lists that are members of the target, and get their membership. Only the user and string members will be displayed, not the intermediate lists.

-verbose or -v
Give more information. With the info flag, it will also display the number of members on the list. With the embers flag, it will display the type of each member, not just those that are ambiguous. When changing the membership of a list, it will print a message for each member added or deleted.

-noauth or -n
Do not attempt to perform Kerberos authentication with the Moira server. Retrieval operations on not-hidden lists are still possible without tickets.

-database host:port or -db host:port
Use the specified host and port to contact the Moira database instead of the default server. Both may be symbolic names or numbers. If the port is left off, the default Moira server port will be assumed. The database chosen will be the one specified on the command line, specified in the MOIRASERVER environment variable, the hesiod "moira" sloc entry, or the compiled in default, in that order or preference.

-create or -C
Create the named list (assuming you have list-creation privileges in Moira.) By default it will be active, private, visible, a mailing list, and not a group, although this can be changed with the flags below.

-rename newname or -R newname
Rename the list to the new name.

-public (-P) or -private (-NP)
Make the list public or private. (Users can add themselves to public lists.)

-active (-A) or -inactive (-I)
Make the list active or inactive. (Inactive lists are not propagated to the mail hubs and file servers.)

-visible (-V) or -hidden (-H)
Make the list visible or hidden. (Hidden lists are harder to find the membership and administrators of.)

-mail (-M) or -notmail (-NM)
Toggle whether or not the list is a mailing list.

-group (-G) or -notgroup (-NG)
Toggle whether or not the list is a group. (Groups can be used on the ACLs of directories in AFS.)

-nfsgroup (-N) or -notnfs (-NN)
Toggle whether or not the list is an NFS group. (NFS groups are included in a user's hesiod group list and in Moira-generated NFS credentials file, and can be used for controlling access to NFS exported file systems.)

-desc description or -D description
Set the description of the list.

-owner owner or -O owner
Set the owner of the list. The owner is specified like a list member, except that list owners can never be strings.

-memacl membership_acl or -MA membership_acl
Set the membership acl of the list; members of this acl will be allowed to add and remove members of the list, but not update any other characteristics. The membership acl is specified like a list member, except that it can never be a string. To return a list to having default membership access control conditions, set the membership acl to "NONE".

[Back to top]

Kinit

Get new Kerberos Tickets

[Back to top]

Kdestroy

Destroy all Kerberos Tickets

[Back to top]

Klist

List existing Kerberos Tickets

[Back to top]

Attach

Attach a remote file system to your workstation

Synopsis
attach -l locker
attach -H host
attach [-v | -q] [-y | -n] -D <drive-letter> -P -U <user-name> -s <submount name> locker
attach [-v | -q] [-y | -n] -D <drive-letter> -P -U <user-name> -s <submount name> -x locker
attach [-v | -q] [-y | -n] -D <drive-letter> -P -U <user-name> -s <submount name> -t <type> -e <unc>

Description
attach is a filesystem-independent utility which allows you attach a file system to a directory hierarchy on your workstation. The following file systems are currently supported: AFS, NFS, and WIN.

Attach looks up file system by using Hesiod to retrieve the file system type, the server host, the name by which the file system is known to the server (the default mount point and mode are not used). The user may also explicitly specify this information, as described below under the -e option. When using Hesiod to mount an AFS locker, attach will automatically create an AFS submount using the locker name. The user may also specify the submount name by using the -s option. In addition, when mounting an AFS directory using the -e option, the UNC may have any of the forms: afs/directory or /afs/directory or //afs/directory. attach will automatically reformat the AFS UNC to the proper syntax. In addition, when using UNC's, attach will automatically convert any forward slashes to back slashes.

UNC's must start with \\. In order to mount NFS file systems, you must have installed on your machine an NFS client.

By default, attach will attempt to make sure the user is authenticated to the remote file system, by getting tokens in the appropriate cell for an AFS locker, or creating a Kerberos NFS mapping for an NFS locker.

Options
The following arguments to attach modify its behavior. Default options are marked as such. Unless otherwise marked, all arguments are processed in order. Thus, if a -v option is followed by a -q option, the -q option will take precedence (for any lockers that appear after the -q on the command line). If no arguments are given to attach, a list of the currently attached file systems will be printed.

-v (verbose)
Display verbose information about a mounted file system, such as the AFS path or NFS server and the server's file system name, if the attach is successful. This is the default.

-q (quiet)
Don't display verbose information. Error messages will still be printed.

-l (lookup)
This option causes attach to look up the file system definition using Hesiod and print out the definition, but not to actually attach the file system. This option cannot be used with any other option.

-y (map)
Attempt to authenticate the user with Kerberos to the file system server. The authentication may be necessary in order to have the proper access to the file system This option can only be used with NFS mounts.

-n (nomap)
Do not attempt to authenticate the user to the file system server. This option can only be used with NFS mounts.

-s (submount)
This option only applies to AFS mounts. Used to explicitly specify an AFS submount. If a submount is created that does not have a corresponding locker entry, a warning will be given. If a submount name resolves to a locker, but the entered AFS directory and resolved directory differ, a warning will be given. If the submount already exists (with a different directory), the existing submount will be replaced and a warning given.

-x (noexplicit)
Tell attach to interpret the file system as a Hesiod name. This is the default.

-e (explicit)
Change the behavior of attach such that the file system is now interpreted as an explicit UNC instead of as a Hesiod name. This allows arbitrary directories to be attached.

-t file system-type
This option must be used with the -e option to tell attach the type of the file system that is being attached. There is no default. The valid file system types are AFS, NFS and WIN.

-H hostnames
This option causes attach to list all file systems that are mounted from the given hostnames. This option cannot be used with any other option.

-D drive-letter
This option causes attach to mount the file system to the drive letter which follows the D. The following example will attach a <file system> to the M drive.
attach -D m <file system>
The -D option does not have to be used. If the -D option is not used, the file system will be attached but not assign a drive letter.
The following example will attach <file system> but not assign a drive letter.
attach <file system>

-P (password)
This option can only be used with NFS and WIN mounts and is used to explicitly specify the password that is to be used when mounting a NFS or WIN file system. This is used in conjunction with the -U option. The user will be prompted for the password.

-U user-name
This option can only be used with NFS and WIN mounts and is used to explicitly specify a user name that is to be used when mounting a NFS or WIN file system. This is used in conjunction with the -P option.

Examples
attach -v -D r -t WIN -e \\MYCOMPUTER\c$ -D s cygwin gnu

Attach will interpret \\MYCOMPUTER\c$ as a WIN share and interpret cygwin and gnu as Hesiod names. The WIN share \\MYCOMPUTER\c$ will be mounted on drive r:, the locker cygwin will be mounted on drive s: as the AFS submount \\afs\cygwin and the locker gnu will be mounted as the AFS submount \\afs\gnu but not assigned to a network drive.

Notes
If attach is unable to initialize, it will exit with status 1. If attach encounters a problem attaching a locker/file system, it will continue trying to attach any remaining lockers/file systems on the command line, and will eventually exit with status 2. If all is successful, attach will exit with status 0.

[Back to top]

Detach

Detach a remote file system from your workstation

Synopsis
detach [-v | -q] locker
detach [-v | -q] -x locker
detach [-v | -q] -t <type> -e <unc>
detach [-v | -q] -s <submount name>
detach [-v | -q] -D <drive letter

Description
detach performs the appropriate file system-dependent operations to disassociate a file system which was attached using attach from the workstation. Using the -e, -x or -s options will detach all attached file systems associated with the UNC, locker or AFS submount.

Options
The following arguments to detach modify its behavior. Default options are marked as such. Unless otherwise marked, all arguments are processed in order. Thus, if a -v option is followed by a -q option, the -q option will take precedence (for any lockers that appear after the -q on the command line).

-v (verbose)
Display verbose information about a mounted file system, such as the AFS path or NFS server and the server's file system name, if the attach is successful. This is the default.

-q (quiet)
Don't display verbose information. Error messages will still be printed.

-x (noexplicit)
Tell detach to interpret the file system as a Hesiod name. This is the default. All file systems associated with the locker will be detached.

-e (explicit)
Change the behavior of detach such that the file system is now interpreted as an explicit UNC instead of as a Hesiod name. This allows arbitrary directories to be detached. All file systems associated with the <unc> will be detached.

-t file system-type
This option must be used with the -e option to tell detach the type of the file system that is being detached. There is no default. The valid file system types are AFS, NFS and WIN.

-D drive-letter
This option causes detach to dismount the file system from the drive letter which follows the -D option. The following example will detach a previously attached <file system> from the M drive.
detach -D am

-s (submount)
This option only applies to AFS mounts. Used to explicitly specify an AFS submount to be detached. All AFS directories associated with the AFS submount will be detached.

Examples
detach -D r -s cygwin -t WIN -e \\win2k\c$

detach will detach the locker/file system associated with r: drive, detach all AFS directories associated with the AFS submount cygwin and detach the Win2k share \\win2k\c$

interpret \\MYCOMPUTER\c$ as a WIN share and interpret cygwin and gnu as Hesiod names. The WIN share \\MYCOMPUTER\c$ will be mounted on drive r:, the locker cygwin will be mounted on drive s: as the AFS submount \\afs\cygwin and the locker gnu will be mounted as the AFS submount \\afs\gnu but not assigned to a network drive.

Notes
If detach is unable to initialize, it will exit with status 1. If detach encounters a problem detaching a locker/file system, it will continue trying to detach any remaining lockers/file systems on the command line, and will eventually exit with status 2. If all is successful, detach will exit with status 0.

[Back to top]

Add

Attach a file system, add it to your path

Synopsis
add [-f] [-a attachopts] filesystemname [-a attachopts] filesystemname ...
add [-r] [-a attachopts] pathname [-a attachopts] pathname ...

Description
add is intended to make the process of using software that is stored in remote file systems easier. In normal use, it requires one argument, the name of a file system to add. In this case, it adds the appropriate binary directory (arch/sun4x_56/bin, decmipsbin, etc.) to the end of your PATH so that you can find programs in the locker.

When no arguments are used, add will display the value of the user's PATH variable.

add may also take multiple file system arguments. In this case, add locker1 locker2 locker3 is functionally equivalent to, though more efficient than, add locker1; add locker2; add locker3. Thus when adding lockers to the front of your PATH, they will appear as locker3 locker2 locker1 at the front of user portion of the PATH environment variable.

Options
-f (front)
This option causes add to add lockers to the front of the user portion of the PATH. If the locker is already in your path but not at the front, it will be moved there. This feature is useful when you want to cause programs in the lockers to replace programs found in other places. You usually want lockers added to the end of your path, however, to prevent the possibility of locker maintainers replacing important binaries with things you don't expect. This option cannot be used with the -r option.

-r (remove)
This option causes add to remove the specified lockers or pathnames from your path. This option cannot be used with the -f option.

Examples
add -a -D r -t WIN -e \\MYCOMPUTER\c$

add will interpret \\MYCOMPUTER\c$ as a WIN share. The WIN share \\MYCOMPUTER\c$ will be mounted on drive r:. In addition, r:\ will be added to the end of PATH.

[Back to top]

fs

Change the ACL's (access control list) of a file or directory; check quota

Synopsis
fs lq lockername
fs la directoryname
fs sa directoryname user permissions
fs sa directoryname system:groupname permissions

Descriptions

Options
-lq
This option tells you how much of your quota is currently being used.

-la (listacl)
This option determines what permissions a directory has. If no directory is specified, it will list the permissions for the directory you are currently in.

-sa (setacl)
This option sets the ACL's on a file or directory. The following is the list of possible rights and aliases for those rights:

ACLs

r

read

l

list

i

  

d

delete

w

  

k

  

a

administer (change ACL's)
 

Alias

Expands to

read

rl

write

rlidwk

all

rlidwka

none

removes all access

Examples

fs lq H:

Volume Name

Quota

Used

% Used

Partition

user.joe

100000

89500

90%

57%

fs la sample
Access list for sample is
Normal rights:
system:anyuser rl
joeuser rlidwka
janeuser rliw

fs sa sample janeuser write
fs sa sample system:everyone read

[Back to top]

 
MIT Home | Getting Started | Getting Services | Getting Help | About IS&T | Accessibility
Ask a technology question or send a comment about this web page.