Unix group ownership and group permission bits are ignored by AFS (access there is controlled by per-directory ACLs), so we've never worried much about managing groups here at UW-HEP. However, there are many systems with local disk storage (e.g. /data and /scratch) which can now be managed with Unix groups. Why? Because I've implemented what I call "RedHat style groups" (although I don't really know whether this mechanism was created by RedHat). Here are the full details:
- each user has their own group (where the login and group name match)
- each user's primary group is set to their own group
- the group "users" includes all accounts except role accounts
- the group "visitors" includes all visitor accounts
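The four rules above are easy to state and easy to drift out of, so the practical check is a script that audits passwd/group data against them. The following is an added example, not part of the original page or of UW-HEP's tooling. It assumes, purely for illustration, that role accounts are named `svc-*`, that visitor accounts are named `vis-*`, and that accounts with uid below 1000 are system accounts to be skipped; the sample passwd and group files are constructed inline so the script runs offline against copies rather than the live /etc files.

```bash
#!/usr/bin/env bash
# Audit passwd/group files against the "one private group per user" policy:
#   1. every user has a group with the same name
#   2. that group is the user's primary group
#   3. every account except role accounts is a member of "users"
#   4. every visitor account is a member of "visitors"
set -u

# Naming conventions are an assumption for this example only.
is_role_account()    { case "$1" in svc-*) return 0 ;; esac; return 1; }
is_visitor_account() { case "$1" in vis-*) return 0 ;; esac; return 1; }

# gid_of_group NAME GROUPFILE -> prints the gid; exit 1 if no such group
gid_of_group() {
    awk -F: -v g="$1" '$1 == g { print $3; found = 1 } END { exit !found }' "$2"
}

# group_has_member GROUP USER GROUPFILE -> exit 0 if USER is listed in GROUP
group_has_member() {
    awk -F: -v g="$1" -v u="$2" '
        $1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) found = 1 }
        END { exit !found }' "$3"
}

# audit_groups PASSWDFILE GROUPFILE
# Prints one line per violation; the exit status is the number of violations.
audit_groups() {
    local passwd=$1 group=$2 violations=0 pgid
    local user pw uid gid gecos home shell
    while IFS=: read -r user pw uid gid gecos home shell; do
        [ "$uid" -ge 1000 ] || continue          # skip system accounts (assumed cutoff)
        if ! pgid=$(gid_of_group "$user" "$group"); then
            echo "$user: no private group named $user"
            violations=$((violations + 1))
            continue                              # rules 2-4 are meaningless without it
        fi
        if [ "$gid" != "$pgid" ]; then
            echo "$user: primary gid $gid is not private group gid $pgid"
            violations=$((violations + 1))
        fi
        if is_role_account "$user"; then
            if group_has_member users "$user" "$group"; then
                echo "$user: role account should not be in users"
                violations=$((violations + 1))
            fi
        elif ! group_has_member users "$user" "$group"; then
            echo "$user: missing from users"
            violations=$((violations + 1))
        fi
        if is_visitor_account "$user" && ! group_has_member visitors "$user" "$group"; then
            echo "$user: visitor missing from visitors"
            violations=$((violations + 1))
        fi
    done < "$passwd"
    return "$violations"
}

# Constructed sample data: one compliant user (alice) and one breach of each rule.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1002:100:Bob:/home/bob:/bin/bash
vis-carol:x:1003:1003:Carol (visitor):/home/vis-carol:/bin/bash
svc-backup:x:1004:1004:Backup role account:/var/backup:/sbin/nologin
dave:x:1005:100:Dave:/home/dave:/bin/bash
EOF
cat > "$SAMPLE_DIR/group" <<'EOF'
root:x:0:
users:x:100:alice,bob,vis-carol,svc-backup,dave
visitors:x:101:
alice:x:1001:
bob:x:1002:
vis-carol:x:1003:
svc-backup:x:1004:
EOF

audit_groups "$SAMPLE_DIR/passwd" "$SAMPLE_DIR/group" || echo "$? violation(s) found"
```

Against the sample data this reports bob (primary group is "users", not his private group), vis-carol (not in "visitors"), svc-backup (a role account that was put in "users") and dave (no private group at all). Run it against copies of the real /etc/passwd and /etc/group after any bulk account change. One consequence of the scheme worth remembering when setting up shared areas under /data or /scratch: with each user's primary group being their private group, new files default to that private group, so a directory meant to be shared by a Unix group needs the setgid bit (chmod 2770) so that files created inside inherit the directory's group instead.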