Query: bos_setrestricted
OS: opendarwin
Section: 8
Format: Original Unix Latex Style Formatted with HTML and a Horizontal Scroll Bar
BOS_SETRESTRICTED(8) AFS Command Reference BOS_SETRESTRICTED(8)NAMEbos_setrestricted - place a server in restricted modeSYNOPSISbos setrestricted -server <machine name> -mode 1 [-cell <cell name>] [-noauth] [-localauth] [-help]DESCRIPTIONThe bos restricted command places the server in restricted mode. This mode increases the security of the bos server by removing access to a number of bos commands that are only used whilst configuring a system. When a server is in restricted mode, access to bos_exec, bos uninstall, bos install, bos create, bos install, bos delete, bos prune is denied, and the use of bos getlog is limited.CAUTIONSOnce a server has been placed in restricted mode, it may not be opened up again using a remote command. That is, bos setrestricted has no method of setting an unrestricted mode. Once a server is restricted, it can only be opened up again by sending it a SIGFPE, which must be done as root on the local machine.OPTIONS-server <machine name> Indicates the server machine to restrict. -cell <cell name> Names the cell in which to run the command. Do not combine this argument with the -localauth flag. For more details, see bos(8). -noauth Assigns the unprivileged identity "anonymous" to the issuer. Do not combine this flag with the -localauth flag. For more details, see bos(8). -localauth Constructs a server ticket using a key from the local /etc/openafs/server/KeyFile file. The bos command interpreter presents the ticket to the BOS Server during mutual authentication. Do not combine this flag with the -cell or -noauth options. For more details, see bos(8). -help Prints the online help for this command. All other valid options are ignored.PRIVILEGE REQUIREDThe issuer must be listed in the /etc/openafs/server/UserList file on the machine named by the -server argument, or must be logged in as the local superuser "root" if the -localauth flag is included. As noted above, this command cannot be run against servers which are already in restricted mode.SEE ALSObos(8)COPYRIGHTCopyright 2009 Simon Wilkinson <simon@sxw.org.uk> This documentation is covered by the BSD License as written in the doc/LICENSE file. This man page was written by Simon Wilkinson for OpenAFS. OpenAFS 2012-03-26 BOS_SETRESTRICTED(8)
| Related Man Pages | 
|---|
| bos_exec(8) - opendarwin | 
| bos_getrestricted(8) - redhat | 
| bos_setrestricted(8) - redhat | 
| bos_exec(8) - hpux | 
| bos_exec(8) - centos | 
| Similar Topics in the Unix Linux Community | 
|---|
| restricted mode (solaris 8) | 
| How do I install bos.loc.iso.en_GB? | 
| Copy file from local machine to server? | 
| Missing Base level fileset of bos.adt.debug | 
| set ksh script in restricted mode |