table of contents
USS_DELETE(8) | AFS Command Reference | USS_DELETE(8) |
NAME¶
uss_delete - Deletes a user account (deprecated)
SYNOPSIS¶
uss delete
-user <login name>
[-mountpoint <mountpoint for user's volume>]
[-savevolume] [-verbose]
[-cell <cell name>]
[-admin <administrator to authenticate>]
[-dryrun]
[-skipauth] [-help]
uss d -u <login name>
[-m <mountpoint for user's volume>]
[-sa] [-v] [-c <cell name>]
[-a <administrator to authenticate>]
[-d] [-sk] [-h]
CAUTIONS¶
The uss command suite is currently designed for cells using the obsolete Authentication Server, and therefore is primarily useful for sites that have not yet migrated to a Kerberos version 5 KDC. The Authentication Server and supporting commands will be removed in a future version of OpenAFS, which may include uss unless someone who finds it useful converts it to work with a Kerberos version 5 KDC.
DESCRIPTION¶
The uss delete command removes the Authentication Database and Protection Database entries for the user named by -user argument. In addition, it can remove the user's home volume and associated VLDB entry, a mount point for the volume or both, depending on whether the -mountpoint and -savevolume options are provided.
- To remove both the volume and mount point, use the -mountpoint argument to name the user's home directory. It is best to create a tape backup of a volume before deleting it. Note that other mount points for the volume are not removed, if they exist.
- To remove the mount point only, provide both the -mountpoint and -savevolume options.
- To preserve both the volume and mount point, omit the -mountpoint argument (or both it and the -savevolume flag).
OPTIONS¶
- -user <login name>
- Names the entry to delete from the Protection and Authentication Databases.
- -mountpoint <mountpoint for the user's volume>
- Specifies the pathname to the user's home directory, which is deleted from
the filespace. By default, the volume referenced by the mount point is
also removed from the file server machine that houses it, along with its
Volume Location Database (VLDB) entry. To retain the volume and VLDB
entry, include the -savevolume flag. Partial pathnames are
interpreted relative to the current working directory.
Specify the read/write path to the mount point, to avoid the failure that results from attempting to remove a mount point from a read-only volume. By convention, the read/write path is indicated by placing a period before the cell name at the pathname's second level (for example, /afs/.example.com). For further discussion of the concept of read/write and read-only paths through the filespace, see the fs mkmount reference page.
- -savevolume
- Preserves the user's volume and VLDB entry.
- -verbose
- Produces on the standard output stream a detailed trace of the command's execution. If this argument is omitted, only warnings and error messages appear.
- -cell <cell name>
- Specifies the cell in which to run the command. For more details, see uss(8).
- -admin <administrator to authenticate>
- Specifies the AFS user name under which to establish authenticated connections to the AFS server processes that maintain the various components of a user account. For more details, see uss(8).
- -dryrun
- Reports actions that the command interpreter needs to perform while executing the command, without actually performing them. For more details, see uss(8).
- -skipauth
- Prevents authentication with the AFS Authentication Server, allowing a site using Kerberos to substitute that form of authentication.
- -help
- Prints the online help for this command. All other valid options are ignored.
EXAMPLES¶
The following command removes smith's user account from the "example.com" cell. The -savevolume argument retains the "user.smith" volume on its file server machine.
% uss delete smith -mountpoint /afs/example.com/usr/smith -savevolume
PRIVILEGE REQUIRED¶
The issuer (or the user named by -admin argument) must belong to the system:administrators group in the Protection Database, must have the "ADMIN" flag turned on in his or her Authentication Database entry, and must have at least "a" (administer) and "d" (delete) permissions on the access control list (ACL) of the mount point's parent directory. If the -savevolume flag is not included, the issuer must also be listed in the /etc/openafs/server/UserList file.
SEE ALSO¶
COPYRIGHT¶
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
2024-11-25 | OpenAFS |