Administering the UserList File

Inclusion in the file /usr/afs/etc/UserList on the local disk of each AFS server machine enables an administrator to issue commands from the indicated suites.

Although each AFS server machine maintains a separate copy of the file on its local disk, it is conventional to keep all copies the same. It can be confusing for an administrator to have the privilege on some machines but not others.

If your cell runs the United States edition of AFS and uses the Update Server to distribute the contents of the system control machine's /usr/afs/etc directory, then edit only the copy of the UserList file stored on the system control machine. If you have forgotten which machine is the system control machine, see The Four Roles for File Server Machines.

If your cell runs the international edition of AFS, or does not use a system control machine, then you must edit the UserList file on each server machine individually.

To avoid making formatting errors that can result in performance problems, never edit the UserList file directly. Instead, use the bos adduser or bos removeuser commands as described in this section.

To display the users in the UserList file

  1. Issue the bos listusers command to display the contents of the /usr/afs/etc/UserList file.

       % bos listusers <machine name>
    

    where

    listu

    Is the shortest acceptable abbreviation of listusers.

    machine name

    Names an AFS server machine. In the normal case, any machine is acceptable because the file is the same on all of them.

To add users to the UserList file

  1. Verify you are listed in the /usr/afs/etc/UserList file. If not, you must have a qualified administrator add you before you can add entries to it yourself. If necessary, issue the bos listusers command, which is fully described in To display the users in the UserList file.

       % bos listusers <machine name>
    
  2. Issue the bos adduser command to add one or more users to the UserList file.

       % bos adduser <machine name> <user names>+
    

    where

    addu

    Is the shortest acceptable abbreviation of adduser.

    machine name

    Names the system control machine if you use the Update Server to distribute the contents of the /usr/afs/etc directory (possible only in cells running the United States edition of AFS). By default, it can take up to five minutes for the Update Server to distribute the changes, so newly added users must wait that long before attempting to issue privileged commands.

    If you are running the international edition of AFS, or do not use the Update Server, repeat the command, substituting the name of each AFS server machine for machine name in turn.

    user names

    Specifies the username of each administrator to add to the UserList file.

To remove users from the UserList file

  1. Verify you are listed in the /usr/afs/etc/UserList file. If not, you must have a qualified administrator add you before you can remove entries from it yourself. If necessary, issue the bos listusers command, which is fully described in To display the users in the UserList file.

       % bos listusers <machine name>
    
  2. Issue the bos removeuser command to remove one or more users from the UserList file.

       % bos removeuser <machine name> <user names>+
    

    where

    removeu

    Is the shortest acceptable abbreviation of removeuser.

    machine name

    Names the system control machine if you use the Update Server to distribute the contents of the /usr/afs/etc directory (possible only in cells running the United States edition of AFS). By default, it can take up to five minutes for the Update Server to distribute the change, so newly removed users can continue to issue privileged commands during that time.

    If you are running the international edition of AFS, or do not use the Update Server, repeat the command, substituting the name of each AFS server machine for machine name in turn.

    user names

    Specifies the username of each administrator to add to the UserList file.