Why Use AFS at UWM?
AFS is being used
by some research groups at UWM. We are considering using it for class
accounts as well. This web page contains some of the reasons why
we are considering AFS for the whole department.
What is AFS?
AFS is an open-source distributed filesystem that uses Kerberos for
security. It is available on just about all UNIX platforms (including
and on Windows. For more information see the
OpenAFS web page
and its FAQ
What benefits would AFS bring to UWM students?
There are a number of benefits:
There are also benefits that administrators can benefit from
- There would be no need for 'tash': instructors can be
automatically added to the access control lists for class directories.
Similarly with various submit and grade checking routines. There
would be no need for SUID programs.
- Course administrators can manage their own instructor lists.
- Directories can be moved from one file server to another without
reconfiguring clients or taking machines down.
- Each student's home directory can be managed as a separate volume
which enables it to be mounted in a different place if the student
switches sections or unmounted if a student drops the course.
What are some problems with using AFS?
- As with any system, there is a learning curve.
The learning curve is gentle for users (clients),
but steeper for administrators. The fact that we
already have an AFS cell which has been used
for over 6 years will help.
- Group and world permission bits on AFS are unused,
and may confuse people.
- If you make a directory in AFS ``world readable'' it is
really world readable: anyone in the world
with AFS client software can read the files in the directory!
AFS has been used successfully for CompSci 252 (Spring 2005), CompSci 552 (Fall 2003,2004,2005),
CompSci 431 (Spring 2004) and CompSci 654 (Spring 2004, 2005). The CS UWM AFS cell now uses
Kerberos V for authentication. We are getting new hardware (Dec. 2005) from
Sun for AFS servers.