glite-eds-chmod — Change the basic permissions of an encryption key and optionall encypted files.
glite-eds-chmod [ -q ] [ -v ] [ -s SERVICE ] [ -b NUM ] MODE ID...
glite-eds-chmod is a command-line tool for changing basic permissions on encryption keys in the Key Store.
MODE is a list of permission modification descriptions, separated by commas. Each modification description consists of three components: the subject specifier, the operation specifier and the list of permission bits to change.
The subject specifier controls whose access to the file or directory will be changed. It is a combination of the letters 'ugoa' meaning the user who owns the file (u), any user in the file's group (g), any other users (o) or everyone (a). Specifying no letters is the same as giving 'a' (everyone).
The operation specifier controls how the permission is changed. Exactly one of the symbols '+', '-' or '=' should be specified. Operator '+' causes the permission bits following the operator to be added to the existing permissions. Operator '-' causes the specified permission bits to be cleared. Operator '=' sets the permission to the specified value regardless of the previous permissions on the file.
The last part of MODE contains the new permissions for the affected users:
p - allow to change the permissions
d - delete the entry
r - read the file
w - write to the file
l - list contents
x - execute
g - get the meta data of the file
s - set the meta data of the file
The client needs to have 'allow to change permission' permission on the ID to perform this operation.
Quiet operation.
Increases the verbosity level.
Specifies the service endpoint to use. If SERVICE starts with http://, https:// or httpg://, then it is taken as a direct service endpoint URL. Otherwise SERVICE is taken as a service instance name and Service Discovery is invoked to look up the endpoint.
If this option is not specified, Service Discovery will be invoked and the first available catalog will be used. If the Service Discovery fails, the program will exit with an error.
If this option is not specified, only services with a known good status will be returned by Service Discovery. However if you explicitely specify a service name or an endpoint, the tool will try to use it regardless of its registered status.
Set the number of modifications that will be sent in a single batch operation.
Permissions to change.
Name of the keys (and files) to list.