glite-eds-chmod — Change the basic permissions of an encryption key and optionall encypted files.
glite-eds-chmod
[ -q
] [ -v
] [ -s
] [ SERVICE
-b
] NUM
MODE
... ID
glite-eds-chmod is a command-line tool for changing basic permissions on encryption keys in the Key Store.
is a list of permission modification
descriptions, separated by commas. Each modification description consists of three components:
the subject specifier, the operation specifier and the list of permission bits to change.
MODE
The subject specifier controls whose access to the file or directory will be changed. It is a combination of the letters 'ugoa' meaning the user who owns the file (u), any user in the file's group (g), any other users (o) or everyone (a). Specifying no letters is the same as giving 'a' (everyone).
The operation specifier controls how the permission is changed. Exactly one of the symbols '+', '-' or '=' should be specified. Operator '+' causes the permission bits following the operator to be added to the existing permissions. Operator '-' causes the specified permission bits to be cleared. Operator '=' sets the permission to the specified value regardless of the previous permissions on the file.
The last part of
contains the
new permissions for the affected users:
MODE
p - allow to change the permissions
d - delete the entry
r - read the file
w - write to the file
l - list contents
x - execute
g - get the meta data of the file
s - set the meta data of the file
The client needs to have 'allow to change permission' permission on the
ID
to perform this operation.
-q
Quiet operation.
-v
Increases the verbosity level.
-s SERVICE
Specifies the service endpoint to use.
If
starts
with SERVICE
http://
, https://
or
httpg://
,
then it is taken as a direct service endpoint URL.
Otherwise
is taken as
a service instance name and Service Discovery is invoked to look up the
endpoint.
SERVICE
If this option is not specified, Service Discovery will be invoked and the first available catalog will be used. If the Service Discovery fails, the program will exit with an error.
If this option is not specified, only services with a known good status will be returned by Service Discovery. However if you explicitely specify a service name or an endpoint, the tool will try to use it regardless of its registered status.
-b NUM
Set the number of modifications that will be sent in a single batch operation.
MODE
Permissions to change.
ID
Name of the keys (and files) to list.