minor edit: s/tool used for doing that/tool for that/

[wiki.git] / doc / afs-and-you.html

diff --git a/doc/afs-and-you.html b/doc/afs-and-you.html
index f7ebb02f86f6776db44c5eb9010556323e31251c..d2934c427b1b7ee4ccf62f5ddaf6f38b9b07ffd6 100644 (file)
--- a/doc/afs-and-you.html
+++ b/doc/afs-and-you.html
@@ -19,7 +19,7 @@
                        </ol>
                <li><a href="#Troubleshooting">Troubleshooting</a>
                        <ol>
-                               <li><a href="#ImtryingtoaccessmyfilesfslasaysIshouldhavepermissionsherebutitstillsays:Permissiondenied">I'm trying to access my files, <tt>fs la</tt> says I should have permissions  &hellip;</a></li>
+                               <li><a href="#ImtryingtoaccessmyfilesfslasaysIshouldhavepermissionsherebutitstillsays">I'm trying to access my files, <tt>fs la</tt> says I should have permissions  &hellip;</a></li>
                                <li><a href="#IdreallypreferthatnoteveryonecouldlistmyfileshowshouldIstopthis">I'd really prefer that not everyone could list my files, how should I stop  &hellip;</a></li>
                                <li><a href="#Itwasaround6amonaSundaymorningandsuddenlyIcouldntaccessmyfiles">It was around 6am on a Sunday morning and suddenly I couldn't access my  &hellip;</a></li>
                                <li><a href="#ItisntSundayandIcantgettomyfiles">It isn't Sunday and I can't get to my files</a></li>
@@ -226,18 +226,11 @@ Unfortunately, adding specific users to an AFS ACL does not mean they can see th
 
 </p>
 <ul><li>You can require that the user have valid certificates:
-<pre>  &lt;limit GET&gt;
-  require valid-user
-  &lt;/limit&gt;
+<pre>require valid-user
 </pre></li></ul><ul><li>You can require the reader be (a) specific user(s), for example:
-<pre>  &lt;limit GET&gt;
-  require user fawkes jflorey sipbtest jarandom
-  &lt;/limit&gt;
-
+<pre>require user fawkes jflorey sipbtest jarandom
 </pre></li><li>You can require that the reader be a member of one of certain moira groups (notice these are <strong>moira</strong> groups, there is no "system:". For example:
-<pre> &lt;limit GET&gt;
-  require group sipb-staff sipb-prospectives
- &lt;/limit&gt;
+<pre>require group sipb-staff sipb-prospectives
 </pre></li></ul><p>
 <p>Note that you cannot mix users and groups in the same directory</p>.
 
@@ -250,7 +243,7 @@ Thereafter, the users should be able to get to the folders at <tt>http<b>s</b>:/
 see also: <a href="http://ist.mit.edu/services/web/reference/web-resources/https">http://ist.mit.edu/services/web/reference/web-resources/https</a>
 </p>
 <h2 id="Troubleshooting">Troubleshooting</h2>
-<h3 id="ImtryingtoaccessmyfilesfslasaysIshouldhavepermissionsherebutitstillsays:Permissiondenied">I'm trying to access my files, <tt>fs la</tt> says I should have permissions here, but it still says <tt>: Permission denied</tt></h3>
+<h3 id="ImtryingtoaccessmyfilesfslasaysIshouldhavepermissionsherebutitstillsays">I'm trying to access my files, <tt>fs la</tt> says I should have permissions here, but it still says <tt>: Permission denied</tt></h3>
 <p>
 There are two likely possibilities. First, its likely that your tokens may have expired. You can check this by running <tt>tokens</tt>. If they are, in fact, expired (or missing) get new tokens as follows: first, make sure you have valid kerberos tickets and then run <tt>aklog</tt>. Another possibility is that you have tokens but not for the correct cell. <tt>tokens</tt> will tell you what tokens you already have. In all likelihood, if you are reading this, you probably want <tt>aklog athena sipb</tt>. Finally, a third possibility is that your group membership has changed since you acquired tokens. Try running <tt>aklog -force</tt>