Contains the administrative list for the Fileset Server
Description
The admin.ft file is an administrative list of all principals and groups that can use the Fileset Server to manipulate filesets on a File Server machine.
The admin.ft file includes the UUIDs of users and groups who can issue commands that affect a machine's filesets; it includes the UUIDs of servers the machine can accept filesets from.
A File Server machine is defined as any machine that exports data for use in the global namespace. The Fileset Server, or ftserver process, runs on every File Server machine in a domain. The ftserver process provides the interface for any commands that affect filesets on a File Server machine. An admin.ft file must reside on each machine running the ftserver process.
A user must be represented in the admin.ft file on a machine (either directly or indirectly, through a group) to issue commands that affect the filesets on a machine (for example, to create, move, delete, back up, or restore a fileset). The user must also be listed in the file to move filesets onto the machine from a different machine. In addition, the principal name for a server machine must be included in the admin.ft file on another machine if filesets are to be moved from it to the other machine.
Each time the Fileset Server is started on any machine, it automatically creates the dcelocal/var/dfs/admin.ft file if the file does not already exist. You can also create the file by including the -createlist option with the bos addadmin command.
Once the admin.ft file exists, principals and groups can be added to it with the bos addadmin command, and they can be removed from it with the bos rmadmin command. The bos lsadmin command can be used to list the principals and groups currently in the file. Because administrative lists are stored as binary files, you must use these commands to modify them; you cannot edit them directly.
The admin.ft file should be stored in the directory named dcelocal/var/dfs on each File Server machine. If it is stored in a different directory, the full pathname of the file must be specified when the Fileset Server is started. Do not create multiple copies of the admin.ft file and store them in different directories on the same machine; unauthorized users may be able to use the extraneous copies to access the Fileset Server or to allow the File Server machine to accept filesets from unprivileged machines.
It is recommended that a single version of the admin.ft file be created and maintained on a domain's System Control machine. The upclient processes running on the domain's File Server machines can then reference the file via the upserver process running on the System Control machine.
Independent versions of the admin.ft file should not be maintained on each File Server machine in a domain. Doing so may result in a system administrator being permitted to manipulate filesets on one machine but not on another, or it may result in the administrator being able to move filesets among only some of the machines in the domain.
(Note that a Private File Server machine might have a separate admin.ft file. The administrative users included in such a file would represent a superset of the administrative users listed in the domain's admin.ft file, the additional members being the users who are to administer the Private File Server machine.)
Related Information
Commands: bos addadmin(8dfs)