if ( -f ) {
push @list, $_
} elsif ( -d ) {
- push @list, all_pod_files( $_ )
+ push @list, grep { !m,fragments/, } all_pod_files( $_ )
}
}
--- /dev/null
+#!/usr/bin/perl -w
+#
+# POD currently doesn't support any sort of =include directive. This
+# processor works around that limitation. It takes a list of files ending in
+# *.in as its argument and processes any POD directives of the form =include
+# <file> in that file, generating a file with the *.in suffix removed. All
+# paths are taken to be relative to the directory containing the file being
+# processed.
+#
+# Currently, only single include nesting is supported. The included file is
+# not processed for additional =include statements.
+
+require 5.006;
+
+use Cwd qw(getcwd);
+use File::Basename qw(dirname basename);
+
+my $start = getcwd;
+for my $file (@ARGV) {
+ chdir $start or die "cannot chdir to $start: $!\n";
+ my $dir = dirname ($file);
+ my $out = $file;
+ unless ($out =~ s/\.in\z//) {
+ die "input file $file does not end in .in\n";
+ }
+ open (FILE, '<', $file) or die "cannot open $file: $!\n";
+ open (OUT, '>', $out) or die "cannot open $out: $!\n";
+ chdir $dir or die "cannot chdir to $dir: $!\n";
+ local $/ = '';
+ local $_;
+ while (<FILE>) {
+ if (/^=include\s+(\S+)/) {
+ open (INCLUDE, '<', $1) or die "cannot open $1: $!\n";
+ local $/;
+ print OUT <INCLUDE> or die "cannot read/write from $1: $!\n";
+ close INCLUDE or die "cannot read from $1: $!\n";
+ print OUT "\n" or die "cannot write to $out: $!\n";
+ } else {
+ print OUT $_ or die "cannot write to $out: $!\n";
+ }
+ }
+ close OUT or die "cannot write to $out: $!\n";
+ close FILE or die "cannot read from $file\n";
+}
--- /dev/null
+# After changing this file, please run
+# git ls-files -i --exclude-standard
+# to check that you haven't inadvertently ignored any tracked files.
+
+/pts_adduser.pod
+/pts_chown.pod
+/pts_creategroup.pod
+/pts_createuser.pod
+/pts_delete.pod
+/pts_examine.pod
+/pts_interactive.pod
+/pts_listentries.pod
+/pts_listmax.pod
+/pts_listowned.pod
+/pts_membership.pod
+/pts_quit.pod
+/pts_removeuser.pod
+/pts_rename.pod
+/pts_setfields.pod
+/pts_setmax.pod
+/pts_sleep.pod
+/pts_source.pod
--- /dev/null
+=item B<-cell> <I<cell name>>
+
+Names the cell in which to run the command. For more details, see
+L<pts(1)>.
+
+=item B<-force>
+
+Enables the command to continue executing as far as possible when errors
+or other problems occur, rather than halting execution at the first error.
+
+=item B<-help>
+
+Prints the online help for this command. All other valid options are
+ignored.
+
+=item B<-localauth>
+
+Constructs a server ticket using a key from the local
+F</usr/afs/etc/KeyFile> file. Do not combine this flag with the B<-cell>
+or B<-noauth> options. For more details, see L<pts(1)>.
+
+=item B<-noauth>
+
+Assigns the unprivileged identity anonymous to the issuer. For more
+details, see L<pts(1)>.
+++ /dev/null
-=head1 NAME
-
-pts_adduser - Adds a user or machine to a Protection Database group
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts adduser> S<<< B<-user> <I<user name>>+ >>> S<<< B<-group> <I<group name>>+ >>>
- S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
-
-B<pts ad> S<<< B<-u> <I<user name>>+ >>> S<<< B<-g> <I<group name>>+ >>>
- S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>] [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts adduser> command adds each user or machine entry named by the
-B<-user> argument as a member of each group named by the B<-group>
-argument.
-
-To remove members of a group, use the B<pts removeuser> command. To list
-the groups to which a user or machine belongs, or the members of a
-specified group, use the B<pts membership> command.
-
-=head1 CAUTIONS
-
-After being added as a group member, a currently authenticated user must
-reauthenticate (for example, by issuing the B<klog> command) to obtain
-permissions granted to the group on an access control list (ACL).
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-user> <I<user name>>+
-
-Specifies the name of each user or machine entry to add to each group
-named by the B<-group> argument. The name of a machine entry resembles an
-IP address and can use the wildcard notation described on the B<pts
-createuser> reference page. The user or machine entry must already exist
-in the Protection Database.
-
-=item B<-group> <I<group name>>+
-
-Specifies the complete name (including the owner prefix if applicable) of
-each group to which to add members. The group entry must already exist in
-the Protection Database.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. The B<pts> command interpreter presents the
-ticket to the Protection Server during mutual authentication. Do not combine
-this flag with the B<-cell> or B<-noauth> options. For more details, see
-L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 EXAMPLES
-
-The following example adds user smith to the group system:administrators.
-
- % pts adduser -user smith -group system:administrators
-
-The following example adds users C<jones>, C<terry>, and B<pat> to the
-smith:colleagues group.
-
- % pts adduser -user jones terry pat -group smith:colleagues
-
-The following example adds the machine entries in the ABC Corporation
-subnet to the group C<bin-prot>. Because of the IP address range of the
-ABC Corporation subnet, the system administrator was able to group the
-machines into three machine entries (using the wildcard notation discussed
-on the B<pts createuser> reference page).
-
- % pts adduser -user 138.255.0.0 192.12.105.0 192.12.106.0 -group bin-prot
-
-=head1 PRIVILEGE REQUIRED
-
-The required privilege depends on the setting of the fourth privacy flag
-in the Protection Database entry for each group named by the B<-group>
-argument (use the B<pts examine> command to display the flags):
-
-=over 4
-
-=item *
-
-If it is the hyphen, only the group's owner and members of the
-system:administrators group can add members.
-
-=item *
-
-If it is lowercase C<a>, current members of the group can add new members.
-
-=item *
-
-If it is uppercase C<A>, anyone who can access the cell's database server
-machines can add new members.
-
-=back
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_createuser(1)>,
-L<pts_examine(1)>,
-L<pts_membership(1)>,
-L<pts_removeuser(1)>,
-L<pts_setfields(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_adduser - Adds a user or machine to a Protection Database group
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts adduser> S<<< B<-user> <I<user name>>+ >>> S<<< B<-group> <I<group name>>+ >>>
+ S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
+
+B<pts ad> S<<< B<-u> <I<user name>>+ >>> S<<< B<-g> <I<group name>>+ >>>
+ S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>] [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts adduser> command adds each user or machine entry named by the
+B<-user> argument as a member of each group named by the B<-group>
+argument.
+
+To remove members of a group, use the B<pts removeuser> command. To list
+the groups to which a user or machine belongs, or the members of a
+specified group, use the B<pts membership> command.
+
+=head1 CAUTIONS
+
+After being added as a group member, a currently authenticated user must
+reauthenticate (for example, by issuing the B<klog> command) to obtain
+permissions granted to the group on an access control list (ACL).
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-user> <I<user name>>+
+
+Specifies the name of each user or machine entry to add to each group
+named by the B<-group> argument. The name of a machine entry resembles an
+IP address and can use the wildcard notation described on the B<pts
+createuser> reference page. The user or machine entry must already exist
+in the Protection Database.
+
+=item B<-group> <I<group name>>+
+
+Specifies the complete name (including the owner prefix if applicable) of
+each group to which to add members. The group entry must already exist in
+the Protection Database.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 EXAMPLES
+
+The following example adds user smith to the group system:administrators.
+
+ % pts adduser -user smith -group system:administrators
+
+The following example adds users C<jones>, C<terry>, and B<pat> to the
+smith:colleagues group.
+
+ % pts adduser -user jones terry pat -group smith:colleagues
+
+The following example adds the machine entries in the ABC Corporation
+subnet to the group C<bin-prot>. Because of the IP address range of the
+ABC Corporation subnet, the system administrator was able to group the
+machines into three machine entries (using the wildcard notation discussed
+on the B<pts createuser> reference page).
+
+ % pts adduser -user 138.255.0.0 192.12.105.0 192.12.106.0 -group bin-prot
+
+=head1 PRIVILEGE REQUIRED
+
+The required privilege depends on the setting of the fourth privacy flag
+in the Protection Database entry for each group named by the B<-group>
+argument (use the B<pts examine> command to display the flags):
+
+=over 4
+
+=item *
+
+If it is the hyphen, only the group's owner and members of the
+system:administrators group can add members.
+
+=item *
+
+If it is lowercase C<a>, current members of the group can add new members.
+
+=item *
+
+If it is uppercase C<A>, anyone who can access the cell's database server
+machines can add new members.
+
+=back
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_createuser(1)>,
+L<pts_examine(1)>,
+L<pts_membership(1)>,
+L<pts_removeuser(1)>,
+L<pts_setfields(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_chown - Changes the owner of a Protection Database entry
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts chown> S<<< B<-name> <I<group name>> >>> S<<< B<-owner> <I<new owner>> >>>
- S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
-
-B<pts cho> S<<< B<-na> <I<group name>> >>> S<<< B<-o> <I<new owner>> >>>
- S<<< [B<-c> <I<cell name>>] >>> [B<-no>] [B<-l>] [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts chown> command designates the user or group named by the
-B<-owner> argument as the owner of the group named by the B<-name>
-argument, and records the new owner in the owner field of the group's
-Protection Database entry.
-
-In the case of regular groups, this command automatically changes the
-group name's owner prefix (the part of the group name before the colon) to
-match the new owner. If the new owner is itself a group, then only its
-owner prefix, not its complete name, becomes the owner prefix in the new
-name. The change to the owner prefix does not propagate to any groups
-owned by the group, however. To make the owner prefix of such group-owned
-groups reflect the new owning group, use the B<pts rename> command.
-
-It is not possible to change a user or machine entry's owner from the
-default set at creation time, the system:administrators group.
-
-=head1 CAUTIONS
-
-While designating a machine as a group's owner does not cause an error, it
-is not recommended. The Protection Server does not extend the usual
-privileges of group ownership to users logged onto the machine.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-name> <I<group name>>
-
-Specifies the current name of the group to which to assign a new owner.
-
-=item B<-owner> <I<new owner>>
-
-Names the user or group to become the group's owner.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the B<-cell>
-or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 EXAMPLES
-
-The following example changes the owner of the group C<terry:friends> from
-the user C<terry> to the user C<pat>. A side effect is that the group name
-changes to C<pat:friends>.
-
- % pts chown -name terry:friends -owner pat
-
-The following example changes the owner of the group C<terry:friends> from
-the user C<terry> to the group C<pat:buddies>. A side effect is that the
-group name changes to C<pat:friends>.
-
- % pts chown -name terry:friends -owner pat:buddies
-
-=head1 PRIVILEGE REQUIRED
-
-The issuer must belong to the system:administrators group or currently own
-the group.
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_rename(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_chown - Changes the owner of a Protection Database entry
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts chown> S<<< B<-name> <I<group name>> >>> S<<< B<-owner> <I<new owner>> >>>
+ S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
+
+B<pts cho> S<<< B<-na> <I<group name>> >>> S<<< B<-o> <I<new owner>> >>>
+ S<<< [B<-c> <I<cell name>>] >>> [B<-no>] [B<-l>] [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts chown> command designates the user or group named by the
+B<-owner> argument as the owner of the group named by the B<-name>
+argument, and records the new owner in the owner field of the group's
+Protection Database entry.
+
+In the case of regular groups, this command automatically changes the
+group name's owner prefix (the part of the group name before the colon) to
+match the new owner. If the new owner is itself a group, then only its
+owner prefix, not its complete name, becomes the owner prefix in the new
+name. The change to the owner prefix does not propagate to any groups
+owned by the group, however. To make the owner prefix of such group-owned
+groups reflect the new owning group, use the B<pts rename> command.
+
+It is not possible to change a user or machine entry's owner from the
+default set at creation time, the system:administrators group.
+
+=head1 CAUTIONS
+
+While designating a machine as a group's owner does not cause an error, it
+is not recommended. The Protection Server does not extend the usual
+privileges of group ownership to users logged onto the machine.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-name> <I<group name>>
+
+Specifies the current name of the group to which to assign a new owner.
+
+=item B<-owner> <I<new owner>>
+
+Names the user or group to become the group's owner.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 EXAMPLES
+
+The following example changes the owner of the group C<terry:friends> from
+the user C<terry> to the user C<pat>. A side effect is that the group name
+changes to C<pat:friends>.
+
+ % pts chown -name terry:friends -owner pat
+
+The following example changes the owner of the group C<terry:friends> from
+the user C<terry> to the group C<pat:buddies>. A side effect is that the
+group name changes to C<pat:friends>.
+
+ % pts chown -name terry:friends -owner pat:buddies
+
+=head1 PRIVILEGE REQUIRED
+
+The issuer must belong to the system:administrators group or currently own
+the group.
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_rename(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_creategroup - Creates an (empty) Protection Database group entry
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts creategroup> S<<< B<-name> <I<group name>>+ >>>
- S<<< [B<-owner> <I<owner of the group>>] >>>
- S<<< [B<-id> <I<id (negated) for the group>>+] >>> S<<< [B<-cell> <I<cell name>>] >>>
- [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
-
-B<pts createg> S<<< B<-na> <I<group name>>+ >>> S<<< [B<-o> <I<owner of the group>>] >>>
- S<<< [B<-i> <I<id (negated) for the group>>+] >>> S<<< [B<-c> <I<cell name>>] >>>
- [B<-no>] [B<-l>] [B<-f>] [B<-h>]
-
-B<pts cg> S<<< B<-na> <I<group name>>+ >>> S<<< [B<-o> <I<owner of the group>>] >>>
- S<<< [B<-i> <I<id (negated) for the group>>+] >>> S<<< [B<-c> <I<cell name>>] >>>
- [B<-no>] [B<-l>] [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts creategroup> command creates an entry in the Protection Database
-for each group specified by the B<-name> argument. The entry records the
-issuer of the command as the group's creator, and as the group's owner
-unless the B<-owner> argument names an alternate user or group as the
-owner.
-
-There are two types of groups:
-
-=over 4
-
-=item *
-
-I<regular>, the names of which have two parts separated by a colon. The
-part before the colon names the group's owner. Any user can create such
-groups.
-
-=item *
-
-I<prefix-less>, which do not have an owner prefix. Only members of the
-system:administrators group can create prefix-less groups.
-
-=back
-
-Creating a group lowers the issuer's group-creation quota by one. This is
-true even if the B<-owner> argument is used to assign ownership to an
-alternate user or group. To display a user's group-creation quota, use the
-B<pts examine> command; to set it, use the B<pts setfields> command.
-
-AFS group ID (AFS GID) numbers are negative integers and by default the
-Protection Server assigns a GID that is one less (more negative) than the
-current value of the C<max group id> counter in the Protection Database,
-decrementing the counter by one for each group. Members of the
-system:administrators group can use the B<-id> argument to assign specific
-AFS GID numbers. If any of the specified GIDs is lower (more negative)
-than the current value of the C<max group id> counter, the counter is
-reset to that value. It is acceptable to specify a GID greater (less
-negative) than the current value of the counter, but the creation
-operation fails if an existing group already has it. To display or set the
-value of the C<max group id> counter, use the B<pts listmax> or B<pts
-setmax> command, respectively.
-
-=head1 OUTPUT
-
-The command generates the following string to confirm creation of each
-group:
-
- group <name> has id <AFS GID>
-
-=head1 CAUTIONS
-
-Although using the B<-owner> argument to designate a machine entry as a
-group's owner does not generate an error, it is not recommended. The
-Protection Server does not extend the usual privileges of group ownership
-to users logged onto the machine.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-name> <I<group name>>
-
-Specifies the name of each group to create. Provide a string of up to 63
-characters, which can include lowercase (but not uppercase) letters,
-numbers, and punctuation marks. A regular name includes a single colon
-(C<:>) to separate the two parts of the name; the colon cannot appear in a
-prefix-less group name.
-
-A regular group's name must have the following format:
-
- <owner_name>:<group_name>
-
-and the <owner_name> field must reflect the actual owner of the group, as
-follows:
-
-=over 4
-
-=item *
-
-If the optional B<-owner> argument is not included, the field must match
-the AFS username under which the issuer is currently authenticated.
-
-=item *
-
-If the B<-owner> argument names an alternate AFS user, the field must
-match that AFS username.
-
-=item *
-
-If the B<-owner> argument names another regular group, the field must
-match the owning group's owner field (the part of its name before the
-colon). If the B<-owner> argument names a prefix-less group, the field
-must match the owning group's complete name.
-
-=back
-
-=item B<-owner> <I<owner of the group>>
-
-Specifies a user or group as the owner for each group, rather than the
-issuer of the command. Provide either an AFS username or the name of a
-regular or prefix-less group. An owning group must already have at least
-one member. This requirement prevents assignment of self-ownership to a
-group during its creation; use the B<pts chown> command after issuing this
-command, if desired.
-
-=item B<-id> <I<id for the group>>
-
-Specifies a negative integer AFS GID number for each group, rather than
-allowing the Protection Server to assign it. Precede the integer with a
-hyphen (C<->) to indicate that it is negative.
-
-If this argument is used and the B<-name> argument names multiple new
-groups, it is best to provide an equivalent number of AFS GIDs. The first
-GID is assigned to the first group, the second to the second group, and so
-on. If there are fewer GIDs than groups, the Protection Server assigns
-GIDs to the unmatched groups based on the C<max group id> counter. If
-there are more GIDs than groups, the excess GIDs are ignored. If any of
-the GIDs is lower (more negative) than the current value of the C<max
-group id> counter, the counter is reset to that value.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 EXAMPLES
-
-In the following example, the user pat creates groups called
-C<pat:friends> and C<pat:colleagues>.
-
- % pts creategroup -name pat:friends pat:colleagues
-
-The following example shows a member of the system:administrators group
-creating the prefix-less group C<staff> and assigning its ownership to the
-system:administrators group rather than to herself.
-
- % pts creategroup -name staff -owner system:administrators
-
-In the following example, the user pat creates a group called
-C<smith:team-members>, which is allowed because the B<-owner> argument
-specifies the required value (C<smith>).
-
- % pts creategroup -name smith:team-members -owner smith
-
-=head1 PRIVILEGE REQUIRED
-
-The issuer must belong to the system:administrators group to create
-prefix-less groups or include the B<-id> argument.
-
-To create a regular group, the issuer must
-
-=over 4
-
-=item *
-
-Be authenticated. The command fails if the B<-noauth> flag is provided.
-
-=item *
-
-Have a group-creation quota greater than zero. The B<pts examine> command
-displays this quota.
-
-=back
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_examine(1)>,
-L<pts_listmax(1)>,
-L<pts_setfields(1)>,
-L<pts_setmax(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_creategroup - Creates an (empty) Protection Database group entry
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts creategroup> S<<< B<-name> <I<group name>>+ >>>
+ S<<< [B<-owner> <I<owner of the group>>] >>>
+ S<<< [B<-id> <I<id (negated) for the group>>+] >>> S<<< [B<-cell> <I<cell name>>] >>>
+ [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
+
+B<pts createg> S<<< B<-na> <I<group name>>+ >>> S<<< [B<-o> <I<owner of the group>>] >>>
+ S<<< [B<-i> <I<id (negated) for the group>>+] >>> S<<< [B<-c> <I<cell name>>] >>>
+ [B<-no>] [B<-l>] [B<-f>] [B<-h>]
+
+B<pts cg> S<<< B<-na> <I<group name>>+ >>> S<<< [B<-o> <I<owner of the group>>] >>>
+ S<<< [B<-i> <I<id (negated) for the group>>+] >>> S<<< [B<-c> <I<cell name>>] >>>
+ [B<-no>] [B<-l>] [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts creategroup> command creates an entry in the Protection Database
+for each group specified by the B<-name> argument. The entry records the
+issuer of the command as the group's creator, and as the group's owner
+unless the B<-owner> argument names an alternate user or group as the
+owner.
+
+There are two types of groups:
+
+=over 4
+
+=item *
+
+I<regular>, the names of which have two parts separated by a colon. The
+part before the colon names the group's owner. Any user can create such
+groups.
+
+=item *
+
+I<prefix-less>, which do not have an owner prefix. Only members of the
+system:administrators group can create prefix-less groups.
+
+=back
+
+Creating a group lowers the issuer's group-creation quota by one. This is
+true even if the B<-owner> argument is used to assign ownership to an
+alternate user or group. To display a user's group-creation quota, use the
+B<pts examine> command; to set it, use the B<pts setfields> command.
+
+AFS group ID (AFS GID) numbers are negative integers and by default the
+Protection Server assigns a GID that is one less (more negative) than the
+current value of the C<max group id> counter in the Protection Database,
+decrementing the counter by one for each group. Members of the
+system:administrators group can use the B<-id> argument to assign specific
+AFS GID numbers. If any of the specified GIDs is lower (more negative)
+than the current value of the C<max group id> counter, the counter is
+reset to that value. It is acceptable to specify a GID greater (less
+negative) than the current value of the counter, but the creation
+operation fails if an existing group already has it. To display or set the
+value of the C<max group id> counter, use the B<pts listmax> or B<pts
+setmax> command, respectively.
+
+=head1 OUTPUT
+
+The command generates the following string to confirm creation of each
+group:
+
+ group <name> has id <AFS GID>
+
+=head1 CAUTIONS
+
+Although using the B<-owner> argument to designate a machine entry as a
+group's owner does not generate an error, it is not recommended. The
+Protection Server does not extend the usual privileges of group ownership
+to users logged onto the machine.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-name> <I<group name>>
+
+Specifies the name of each group to create. Provide a string of up to 63
+characters, which can include lowercase (but not uppercase) letters,
+numbers, and punctuation marks. A regular name includes a single colon
+(C<:>) to separate the two parts of the name; the colon cannot appear in a
+prefix-less group name.
+
+A regular group's name must have the following format:
+
+ <owner_name>:<group_name>
+
+and the <owner_name> field must reflect the actual owner of the group, as
+follows:
+
+=over 4
+
+=item *
+
+If the optional B<-owner> argument is not included, the field must match
+the AFS username under which the issuer is currently authenticated.
+
+=item *
+
+If the B<-owner> argument names an alternate AFS user, the field must
+match that AFS username.
+
+=item *
+
+If the B<-owner> argument names another regular group, the field must
+match the owning group's owner field (the part of its name before the
+colon). If the B<-owner> argument names a prefix-less group, the field
+must match the owning group's complete name.
+
+=back
+
+=item B<-owner> <I<owner of the group>>
+
+Specifies a user or group as the owner for each group, rather than the
+issuer of the command. Provide either an AFS username or the name of a
+regular or prefix-less group. An owning group must already have at least
+one member. This requirement prevents assignment of self-ownership to a
+group during its creation; use the B<pts chown> command after issuing this
+command, if desired.
+
+=item B<-id> <I<id for the group>>
+
+Specifies a negative integer AFS GID number for each group, rather than
+allowing the Protection Server to assign it. Precede the integer with a
+hyphen (C<->) to indicate that it is negative.
+
+If this argument is used and the B<-name> argument names multiple new
+groups, it is best to provide an equivalent number of AFS GIDs. The first
+GID is assigned to the first group, the second to the second group, and so
+on. If there are fewer GIDs than groups, the Protection Server assigns
+GIDs to the unmatched groups based on the C<max group id> counter. If
+there are more GIDs than groups, the excess GIDs are ignored. If any of
+the GIDs is lower (more negative) than the current value of the C<max
+group id> counter, the counter is reset to that value.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 EXAMPLES
+
+In the following example, the user pat creates groups called
+C<pat:friends> and C<pat:colleagues>.
+
+ % pts creategroup -name pat:friends pat:colleagues
+
+The following example shows a member of the system:administrators group
+creating the prefix-less group C<staff> and assigning its ownership to the
+system:administrators group rather than to herself.
+
+ % pts creategroup -name staff -owner system:administrators
+
+In the following example, the user pat creates a group called
+C<smith:team-members>, which is allowed because the B<-owner> argument
+specifies the required value (C<smith>).
+
+ % pts creategroup -name smith:team-members -owner smith
+
+=head1 PRIVILEGE REQUIRED
+
+The issuer must belong to the system:administrators group to create
+prefix-less groups or include the B<-id> argument.
+
+To create a regular group, the issuer must
+
+=over 4
+
+=item *
+
+Be authenticated. The command fails if the B<-noauth> flag is provided.
+
+=item *
+
+Have a group-creation quota greater than zero. The B<pts examine> command
+displays this quota.
+
+=back
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_examine(1)>,
+L<pts_listmax(1)>,
+L<pts_setfields(1)>,
+L<pts_setmax(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_createuser - Creates a user or machine entry in the Protection Database
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts createuser> S<<< B<-name> <I<user name>>+ >>> S<<< [B<-id> <I<user id>>+] >>>
- S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>]
- [B<-help>]
-
-B<pts createu> S<<< B<-na> <I<user name>>+ >>> S<<< [B<-i> <I<user id>>+] >>>
- S<<< [B<-c> <I<cell name>>] >>> [B<-no>] [B<-l>] [B<-f>] [B<-h>]
-
-B<pts cu> S<<< B<-na> <I<user name>>+ >>> S<<< [B<-i> <I<user id>>+] >>>
- S<<< [B<-c> <I<cell name>>] >>> [B<-no>] [B<-l>] [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts createuser> command creates an entry in the Protection Database
-for each user or machine specified by the B<-name> argument. A user entry
-name becomes the user's AFS username (the one to provide when
-authenticating with the AFS Authentication Server). A machine entry's
-name is the machine's IP address or a wildcard notation that represents a
-range of consecutive IP addresses (a group of machines on the same
-network). It is not possible to authenticate as a machine, but a group to
-which a machine entry belongs can appear on a directory's access control
-list (ACL), thereby granting the indicated permissions to any user logged
-on to the machine.
-
-AFS user IDs (AFS UIDs) are positive integers and by default the
-Protection Server assigns an AFS UID that is one greater than the current
-value of the C<max user id> counter in the Protection Database,
-incrementing the counter by one for each user. To assign a specific AFS
-UID, use the B<-id> argument. If any of the specified AFS UIDs is greater
-than the current value of the C<max user id> counter, the counter is reset
-to that value. It is acceptable to specify an AFS UID smaller than the
-current value of the counter, but the creation operation fails if an
-existing user or machine entry already has it. To display or set the value
-of the C<max user id> counter, use the B<pts listmax> or B<pts setmax>
-command, respectively.
-
-The issuer of the B<pts createuser> command is recorded as the entry's
-creator and the group system:administrators as its owner.
-
-=head1 CAUTIONS
-
-The Protection Server reserves AFS UID 0 (zero) and returns an error if
-the B<-id> argument has that value.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-name> <I<user name>>+
-
-Specifies either a username for a user entry, or an IP address (complete
-or wildcarded) for a machine entry:
-
-=over 4
-
-=item *
-
-A username can include up to 63 numbers and lowercase letters, but it is
-best to make it shorter than eight characters, because many application
-programs cannot handle longer names. Also, it is best not to include shell
-metacharacters or other punctuation marks. In particular, the colon (C<:>)
-and at-sign (C<@>) characters are not acceptable. The period is generally
-used only in special administrative names, to separate the username and an
-I<instance>, as in the example C<pat.admin>.
-
-=item *
-
-A machine identifier is its IP address in dotted decimal notation (for
-example, 192.12.108.240), or a wildcard notation that represents a set of
-IP addresses (a group of machines on the same network). The following are
-acceptable wildcard formats. The letters C<W>, C<X>, C<Y> and C<Z> each
-represent an actual number from the range 1 through 255.
-
-=over 4
-
-=item *
-
-W.X.Y.Z represents a single machine, for example C<192.12.108.240>.
-
-=item *
-
-W.X.Y.0 matches all machines whose IP addresses start with the first three
-numbers. For example, C<192.12.108.0> matches both C<192.12.108.119> and
-C<192.12.108.120>, but does not match C<192.12.105.144>.
-
-=item *
-
-W.X.0.0 matches all machines whose IP addresses start with the first two
-numbers. For example, the address C<192.12.0.0> matches both
-C<192.12.106.23> and C<192.12.108.120>, but does not match C<192.5.30.95>.
-
-=item *
-
-W.0.0.0 matches all machines whose IP addresses start with the first
-number in the specified address. For example, the address C<192.0.0.0>
-matches both C<192.5.30.95> and C<192.12.108.120>, but does not match
-C<138.255.63.52>.
-
-=back
-
-Do not define a machine entry with the name C<0.0.0.0> to match every
-machine. The system:anyuser group is equivalent.
-
-=back
-
-=item B<-id> <I<user id>>+
-
-Specifies an AFS UID for each user or machine entry, rather than allowing
-the Protection Server to assign it. Provide a positive integer.
-
-If this argument is used and the B<-name> argument names multiple new
-entries, it is best to provide an equivalent number of AFS UIDs. The
-first UID is assigned to the first entry, the second to the second entry,
-and so on. If there are fewer UIDs than entries, the Protection Server
-assigns UIDs to the unmatched entries based on the C<max user id>
-counter. If there are more UIDs than entries, the excess UIDs are
-ignored. If any of the UIDs is greater than the current value of the C<max
-user id> counter, the counter is reset to that value.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 OUTPUT
-
-The command generates the following string to confirm creation of each
-user:
-
- User <name> has id <id>
-
-=head1 EXAMPLES
-
-The following example creates a Protection Database entry for the user
-C<johnson>.
-
- % pts createuser -name johnson
-
-The following example creates three wildcarded machine entries in the ABC
-Corporation cell. The three entries encompass all of the machines on the
-company's networks without including machines on other networks:
-
- % pts createuser -name 138.255.0.0 192.12.105.0 192.12.106.0
-
-=head1 PRIVILEGE REQUIRED
-
-The issuer must belong to the system:administrators group.
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_listmax(1)>,
-L<pts_setmax(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_createuser - Creates a user or machine entry in the Protection Database
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts createuser> S<<< B<-name> <I<user name>>+ >>> S<<< [B<-id> <I<user id>>+] >>>
+ S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>]
+ [B<-help>]
+
+B<pts createu> S<<< B<-na> <I<user name>>+ >>> S<<< [B<-i> <I<user id>>+] >>>
+ S<<< [B<-c> <I<cell name>>] >>> [B<-no>] [B<-l>] [B<-f>] [B<-h>]
+
+B<pts cu> S<<< B<-na> <I<user name>>+ >>> S<<< [B<-i> <I<user id>>+] >>>
+ S<<< [B<-c> <I<cell name>>] >>> [B<-no>] [B<-l>] [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts createuser> command creates an entry in the Protection Database
+for each user or machine specified by the B<-name> argument. A user entry
+name becomes the user's AFS username (the one to provide when
+authenticating with the AFS Authentication Server). A machine entry's
+name is the machine's IP address or a wildcard notation that represents a
+range of consecutive IP addresses (a group of machines on the same
+network). It is not possible to authenticate as a machine, but a group to
+which a machine entry belongs can appear on a directory's access control
+list (ACL), thereby granting the indicated permissions to any user logged
+on to the machine.
+
+AFS user IDs (AFS UIDs) are positive integers and by default the
+Protection Server assigns an AFS UID that is one greater than the current
+value of the C<max user id> counter in the Protection Database,
+incrementing the counter by one for each user. To assign a specific AFS
+UID, use the B<-id> argument. If any of the specified AFS UIDs is greater
+than the current value of the C<max user id> counter, the counter is reset
+to that value. It is acceptable to specify an AFS UID smaller than the
+current value of the counter, but the creation operation fails if an
+existing user or machine entry already has it. To display or set the value
+of the C<max user id> counter, use the B<pts listmax> or B<pts setmax>
+command, respectively.
+
+The issuer of the B<pts createuser> command is recorded as the entry's
+creator and the group system:administrators as its owner.
+
+=head1 CAUTIONS
+
+The Protection Server reserves AFS UID 0 (zero) and returns an error if
+the B<-id> argument has that value.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-name> <I<user name>>+
+
+Specifies either a username for a user entry, or an IP address (complete
+or wildcarded) for a machine entry:
+
+=over 4
+
+=item *
+
+A username can include up to 63 numbers and lowercase letters, but it is
+best to make it shorter than eight characters, because many application
+programs cannot handle longer names. Also, it is best not to include shell
+metacharacters or other punctuation marks. In particular, the colon (C<:>)
+and at-sign (C<@>) characters are not acceptable. The period is generally
+used only in special administrative names, to separate the username and an
+I<instance>, as in the example C<pat.admin>.
+
+=item *
+
+A machine identifier is its IP address in dotted decimal notation (for
+example, 192.12.108.240), or a wildcard notation that represents a set of
+IP addresses (a group of machines on the same network). The following are
+acceptable wildcard formats. The letters C<W>, C<X>, C<Y> and C<Z> each
+represent an actual number from the range 1 through 255.
+
+=over 4
+
+=item *
+
+W.X.Y.Z represents a single machine, for example C<192.12.108.240>.
+
+=item *
+
+W.X.Y.0 matches all machines whose IP addresses start with the first three
+numbers. For example, C<192.12.108.0> matches both C<192.12.108.119> and
+C<192.12.108.120>, but does not match C<192.12.105.144>.
+
+=item *
+
+W.X.0.0 matches all machines whose IP addresses start with the first two
+numbers. For example, the address C<192.12.0.0> matches both
+C<192.12.106.23> and C<192.12.108.120>, but does not match C<192.5.30.95>.
+
+=item *
+
+W.0.0.0 matches all machines whose IP addresses start with the first
+number in the specified address. For example, the address C<192.0.0.0>
+matches both C<192.5.30.95> and C<192.12.108.120>, but does not match
+C<138.255.63.52>.
+
+=back
+
+Do not define a machine entry with the name C<0.0.0.0> to match every
+machine. The system:anyuser group is equivalent.
+
+=back
+
+=item B<-id> <I<user id>>+
+
+Specifies an AFS UID for each user or machine entry, rather than allowing
+the Protection Server to assign it. Provide a positive integer.
+
+If this argument is used and the B<-name> argument names multiple new
+entries, it is best to provide an equivalent number of AFS UIDs. The
+first UID is assigned to the first entry, the second to the second entry,
+and so on. If there are fewer UIDs than entries, the Protection Server
+assigns UIDs to the unmatched entries based on the C<max user id>
+counter. If there are more UIDs than entries, the excess UIDs are
+ignored. If any of the UIDs is greater than the current value of the C<max
+user id> counter, the counter is reset to that value.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 OUTPUT
+
+The command generates the following string to confirm creation of each
+user:
+
+ User <name> has id <id>
+
+=head1 EXAMPLES
+
+The following example creates a Protection Database entry for the user
+C<johnson>.
+
+ % pts createuser -name johnson
+
+The following example creates three wildcarded machine entries in the ABC
+Corporation cell. The three entries encompass all of the machines on the
+company's networks without including machines on other networks:
+
+ % pts createuser -name 138.255.0.0 192.12.105.0 192.12.106.0
+
+=head1 PRIVILEGE REQUIRED
+
+The issuer must belong to the system:administrators group.
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_listmax(1)>,
+L<pts_setmax(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_delete - Deletes a Protection Database entry
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts delete> S<<< B<-nameorid> <I<user or group name or id>>+ >>>
- S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>]
- [B<-force>] [B<-help>]
-
-B<pts d> S<<< B<-na> <I<user or group name or id>>+ >>>
- S<<< [B<-c> <I<cell name>>] >>> [B<-no>] [B<-l>] [B<-f>] [-h]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts delete> command removes each entry specified by the B<-nameorid>
-argument from the Protection Database. Deleting entries affects other
-parts of the system in various ways:
-
-=over 4
-
-=item *
-
-Deleted users and groups still appear on access control lists (ACLs), but
-are listed by AFS UID or GID rather than by name, because there is no
-longer an associated name to which to translate the ID. To remove these
-obsolete entries from ACLs, use the B<fs cleanacl> command.
-
-=item *
-
-Deleting a user or machine's entry removes it from the membership list of
-any group to which it belonged.
-
-=item *
-
-Deleting a group entry removes it from the membership list of any user or
-machine entry that belonged to the group, and also increments the
-group-creation quota of the group's creator by one, even if the creator no
-longer owns the group.
-
-=back
-
-To remove a user or machine from a group without actually deleting the
-entry, use the B<pts removeuser> command.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-nameorid> <I<user or group name or ID>>+
-
-Specifies the name or AFS UID of each user, the name or AFS GID of each
-group, or the IP address (complete or wildcard-style) or AFS UID of each
-machine entry to delete. It is acceptable to mix users, machines, and
-groups on the same command line, as well as names (IP addresses for
-machines) and IDs. Precede the GID of each group with a hyphen to indicate
-that it is negative.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 EXAMPLES
-
-The following example deletes the user entries C<pat> and C<terry>:
-
- % pts delete pat terry
-
-The following example deletes the Protection Database entry of the group
-with AFS GID -215.
-
- % pts delete -215
-
-=head1 PRIVILEGE REQUIRED
-
-The issuer must belong to the system:administrators group to delete user
-and machine entries. To delete group entries, the issuer must either own
-the group or belong to the system:administrators group.
-
-=head1 SEE ALSO
-
-L<fs_cleanacl(1)>,
-L<pts(1)>,
-L<pts_removeuser(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_delete - Deletes a Protection Database entry
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts delete> S<<< B<-nameorid> <I<user or group name or id>>+ >>>
+ S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>]
+ [B<-force>] [B<-help>]
+
+B<pts d> S<<< B<-na> <I<user or group name or id>>+ >>>
+ S<<< [B<-c> <I<cell name>>] >>> [B<-no>] [B<-l>] [B<-f>] [-h]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts delete> command removes each entry specified by the B<-nameorid>
+argument from the Protection Database. Deleting entries affects other
+parts of the system in various ways:
+
+=over 4
+
+=item *
+
+Deleted users and groups still appear on access control lists (ACLs), but
+are listed by AFS UID or GID rather than by name, because there is no
+longer an associated name to which to translate the ID. To remove these
+obsolete entries from ACLs, use the B<fs cleanacl> command.
+
+=item *
+
+Deleting a user or machine's entry removes it from the membership list of
+any group to which it belonged.
+
+=item *
+
+Deleting a group entry removes it from the membership list of any user or
+machine entry that belonged to the group, and also increments the
+group-creation quota of the group's creator by one, even if the creator no
+longer owns the group.
+
+=back
+
+To remove a user or machine from a group without actually deleting the
+entry, use the B<pts removeuser> command.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-nameorid> <I<user or group name or ID>>+
+
+Specifies the name or AFS UID of each user, the name or AFS GID of each
+group, or the IP address (complete or wildcard-style) or AFS UID of each
+machine entry to delete. It is acceptable to mix users, machines, and
+groups on the same command line, as well as names (IP addresses for
+machines) and IDs. Precede the GID of each group with a hyphen to indicate
+that it is negative.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 EXAMPLES
+
+The following example deletes the user entries C<pat> and C<terry>:
+
+ % pts delete pat terry
+
+The following example deletes the Protection Database entry of the group
+with AFS GID -215.
+
+ % pts delete -215
+
+=head1 PRIVILEGE REQUIRED
+
+The issuer must belong to the system:administrators group to delete user
+and machine entries. To delete group entries, the issuer must either own
+the group or belong to the system:administrators group.
+
+=head1 SEE ALSO
+
+L<fs_cleanacl(1)>,
+L<pts(1)>,
+L<pts_removeuser(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_examine - Displays a Protection Database entry
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts examine> S<<< B<-nameorid> <I<user or group name or id>>+ >>>
- S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>]
- [B<-force>] [B<-auth>] [B<-help>]
-
-B<pts e> S<<< B<-na> <I<user or group name or id>>+ >>> S<<< [B<-c> <I<cell name>>] >>>
- [B<-no>] [B<-l>] [B<-f>] [B<-a>] [B<-h>]
-
-B<pts check> S<<< B<-na> <I<user or group name or id>>+ >>> S<<< [B<-c> <I<cell name>>] >>>
- [B<-no>] [B<-l>] [B<-f>] [B<-a>] [B<-h>]
-
-B<pts che> S<<< B<-na> <I<user or group name or id>>+ >>> S<<< [B<-c> <I<cell name>>] >>>
- [B<-no>] [B<-l>] [B<-f>] [B<-a>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts examine> command displays information from the Protection
-Database entry of each user, machine or group specified by the
-B<-nameorid> argument.
-
-=head1 OPTIONS
-
-=over 4
-
-=item -nameorid <I<user or group name or id>>+
-
-Specifies the name or AFS UID of each user, the name or AFS GID of each
-group, or the IP address (complete or wildcard-style) or AFS UID of each
-machine for which to display the Protection Database entry. It is
-acceptable to mix users, machines, and groups on the same command line, as
-well as names (IP addresses for machines) and IDs. Precede the GID of each
-group with a hyphen to indicate that it is negative.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-auth>
-
-Run using the user's current authentication. This is the default unless
-the B<-noauth> or B<-localauth> options are used.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 OUTPUT
-
-The output for each entry consists of two lines that include the following
-fields:
-
-=over 4
-
-=item Name
-
-The contents of this field depend on the type of entry:
-
-=over 4
-
-=item *
-
-For a user entry, it is the username that the user types when
-authenticating with AFS.
-
-=item *
-
-For a machine entry, it is either the IP address of a single machine in
-dotted decimal format, or a wildcard notation that represents a group of
-machines on the same network. See the B<pts createuser> reference page for
-an explanation of the wildcard notation.
-
-=item *
-
-For a group entry, it is one of two types of group name. If the name has a
-colon between the two parts, it represents a regular group and the part
-before the prefix reflects the group's owner. A prefix-less group does not
-have the owner field or the colon. For more details on group names, see
-the B<pts creategroup> reference page.
-
-=back
-
-=item id
-
-A unique number that the AFS server processes use to identify AFS users,
-machines and groups. AFS UIDs for user and machine entries are positive
-integers, and AFS GIDs for group entries are negative integers. AFS UIDs
-and GIDs are similar in function to the UIDs and GIDs used in local file
-systems such as UFS, but apply only to AFS operations.
-
-=item owner
-
-The user or group that owns the entry and thus can administer it (change
-the values in most of the fields displayed in the output of this command),
-or delete it entirely. The Protection Server automatically records the
-system:administrators group in this field for user and machine entries at
-creation time.
-
-=item creator
-
-The user who issued the B<pts createuser> or B<pts creategroup> command to
-create the entry. This field serves as an audit trail, and cannot be
-changed.
-
-=item membership
-
-An integer that for users and machines represents the number of groups to
-which the user or machine belongs. For groups, it represents the number of
-group members.
-
-=item flags
-
-A string of five characters, referred to as I<privacy flags>, which
-indicate who can display or administer certain aspects of the entry.
-
-=over 4
-
-=item s
-
-Controls who can issue the B<pts examine> command to display the entry.
-
-=item o
-
-Controls who can issue the B<pts listowned> command to display the groups
-that a user or group owns.
-
-=item m
-
-Controls who can issue the B<pts membership> command to display the groups
-a user or machine belongs to, or which users or machines belong to a
-group.
-
-=item a
-
-Controls who can issue the B<pts adduser> command to add a user or machine
-to a group. It is meaningful only for groups, but a value must always be
-set for it even on user and machine entries.
-
-=item r
-
-Controls who can issue the B<pts removeuser> command to remove a user or
-machine from a group. It is meaningful only for groups, but a value must
-always be set for it even on user and machine entries.
-
-=back
-
-Each flag can take three possible types of values to enable a different
-set of users to issue the corresponding command:
-
-=over 4
-
-=item *
-
-A hyphen (-) designates the members of the system:administrators group and
-the entry's owner. For user entries, it designates the user in addition.
-
-=item *
-
-The lowercase version of the letter applies meaningfully to groups only,
-and designates members of the group in addition to the individuals
-designated by the hyphen.
-
-=item *
-
-The uppercase version of the letter designates everyone.
-
-=back
-
-For example, the flags C<SOmar> on a group entry indicate that anyone can
-examine the group's entry and display the groups that it owns, and that
-only the group's members can display, add, or remove its members.
-
-The default privacy flags for user and machine entries are C<S---->,
-meaning that anyone can display the entry. The ability to perform any
-other functions is restricted to members of the system:administrators
-group and the entry's owner (as well as the user for a user entry).
-
-The default privacy flags for group entries are C<S-M-->, meaning that all
-users can display the entry and the members of the group, but only the
-entry owner and members of the system:administrators group can perform
-other functions. The defaults for the privacy flags may be changed by
-running B<ptserver> with the B<-default_access> option. See L<ptserver(8)>
-for more discussion of the B<-default_access> option.
-
-=item group quota
-
-The number of additional groups the user is allowed to create. The B<pts
-createuser> command sets it to 20 for both users and machines, but it has
-no meaningful interpretation for a machine, because it is not possible to
-authenticate as a machine. Similarly, it has no meaning in group entries
-that only deal with the local cell and the B<pts creategroup> command sets
-it to 0 (zero); do not change this value.
-
-When using cross-realm authentication, a special group of the form
-system:authuser@FOREIGN.REALM is created by an administrator and used. If
-the group quota for this special group is greater than zero, then aklog
-will automatically register foreign users in the local PTS database, add
-the foreign user to the system:authuser@FOREIGN.REALM, and decrement the
-group quota by one.
-
-=back
-
-=head1 EXAMPLES
-
-The following example displays the user entry for C<terry> and the machine
-entry C<158.12.105.44>.
-
- % pts examine terry 158.12.105.44
- Name: terry, id: 1045, owner: system:administrators, creator: admin,
- membership: 9, flags: S----, group quota: 15.
- Name: 158.12.105.44, id: 5151, owner: system:administrators,
- creator: byu, membership: 1, flags: S----, group quota: 20.
-
-The following example displays the entries for the AFS groups with GIDs
--673 and -674.
-
- % pts examine -673 -674
- Name: terry:friends, id: -673, owner: terry, creator: terry,
- membership: 5, flags: S-M--, group quota: 0.
- Name: smith:colleagues, id: -674, owner: smith, creator: smith,
- membership: 14, flags: SOM--, group quota: 0.
-
-=head1 PRIVILEGE REQUIRED
-
-The required privilege depends on the setting of the first privacy flag in
-the Protection Database entry of each entry specified by the B<-nameorid>
-argument:
-
-=over 4
-
-=item *
-
-If it is lowercase C<s>, members of the system:administrators group and
-the user associated with a user entry can examine it, and only members of
-the system:administrators group can examine a machine or group entry.
-
-=item *
-
-If it is uppercase C<S>, anyone who can access the cell's database server
-machines can examine the entry.
-
-=back
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_adduser(1)>,
-L<pts_chown(1)>,
-L<pts_creategroup(1)>,
-L<pts_createuser(1)>,
-L<pts_listowned(1)>,
-L<pts_membership(1)>,
-L<pts_removeuser(1)>,
-L<pts_rename(1)>,
-L<pts_setfields(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_examine - Displays a Protection Database entry
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts examine> S<<< B<-nameorid> <I<user or group name or id>>+ >>>
+ S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>]
+ [B<-force>] [B<-auth>] [B<-help>]
+
+B<pts e> S<<< B<-na> <I<user or group name or id>>+ >>> S<<< [B<-c> <I<cell name>>] >>>
+ [B<-no>] [B<-l>] [B<-f>] [B<-a>] [B<-h>]
+
+B<pts check> S<<< B<-na> <I<user or group name or id>>+ >>> S<<< [B<-c> <I<cell name>>] >>>
+ [B<-no>] [B<-l>] [B<-f>] [B<-a>] [B<-h>]
+
+B<pts che> S<<< B<-na> <I<user or group name or id>>+ >>> S<<< [B<-c> <I<cell name>>] >>>
+ [B<-no>] [B<-l>] [B<-f>] [B<-a>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts examine> command displays information from the Protection
+Database entry of each user, machine or group specified by the
+B<-nameorid> argument.
+
+=head1 OPTIONS
+
+=over 4
+
+=item -nameorid <I<user or group name or id>>+
+
+Specifies the name or AFS UID of each user, the name or AFS GID of each
+group, or the IP address (complete or wildcard-style) or AFS UID of each
+machine for which to display the Protection Database entry. It is
+acceptable to mix users, machines, and groups on the same command line, as
+well as names (IP addresses for machines) and IDs. Precede the GID of each
+group with a hyphen to indicate that it is negative.
+
+=item B<-auth>
+
+Run using the user's current authentication. This is the default unless
+the B<-noauth> or B<-localauth> options are used.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 OUTPUT
+
+The output for each entry consists of two lines that include the following
+fields:
+
+=over 4
+
+=item Name
+
+The contents of this field depend on the type of entry:
+
+=over 4
+
+=item *
+
+For a user entry, it is the username that the user types when
+authenticating with AFS.
+
+=item *
+
+For a machine entry, it is either the IP address of a single machine in
+dotted decimal format, or a wildcard notation that represents a group of
+machines on the same network. See the B<pts createuser> reference page for
+an explanation of the wildcard notation.
+
+=item *
+
+For a group entry, it is one of two types of group name. If the name has a
+colon between the two parts, it represents a regular group and the part
+before the prefix reflects the group's owner. A prefix-less group does not
+have the owner field or the colon. For more details on group names, see
+the B<pts creategroup> reference page.
+
+=back
+
+=item id
+
+A unique number that the AFS server processes use to identify AFS users,
+machines and groups. AFS UIDs for user and machine entries are positive
+integers, and AFS GIDs for group entries are negative integers. AFS UIDs
+and GIDs are similar in function to the UIDs and GIDs used in local file
+systems such as UFS, but apply only to AFS operations.
+
+=item owner
+
+The user or group that owns the entry and thus can administer it (change
+the values in most of the fields displayed in the output of this command),
+or delete it entirely. The Protection Server automatically records the
+system:administrators group in this field for user and machine entries at
+creation time.
+
+=item creator
+
+The user who issued the B<pts createuser> or B<pts creategroup> command to
+create the entry. This field serves as an audit trail, and cannot be
+changed.
+
+=item membership
+
+An integer that for users and machines represents the number of groups to
+which the user or machine belongs. For groups, it represents the number of
+group members.
+
+=item flags
+
+A string of five characters, referred to as I<privacy flags>, which
+indicate who can display or administer certain aspects of the entry.
+
+=over 4
+
+=item s
+
+Controls who can issue the B<pts examine> command to display the entry.
+
+=item o
+
+Controls who can issue the B<pts listowned> command to display the groups
+that a user or group owns.
+
+=item m
+
+Controls who can issue the B<pts membership> command to display the groups
+a user or machine belongs to, or which users or machines belong to a
+group.
+
+=item a
+
+Controls who can issue the B<pts adduser> command to add a user or machine
+to a group. It is meaningful only for groups, but a value must always be
+set for it even on user and machine entries.
+
+=item r
+
+Controls who can issue the B<pts removeuser> command to remove a user or
+machine from a group. It is meaningful only for groups, but a value must
+always be set for it even on user and machine entries.
+
+=back
+
+Each flag can take three possible types of values to enable a different
+set of users to issue the corresponding command:
+
+=over 4
+
+=item *
+
+A hyphen (-) designates the members of the system:administrators group and
+the entry's owner. For user entries, it designates the user in addition.
+
+=item *
+
+The lowercase version of the letter applies meaningfully to groups only,
+and designates members of the group in addition to the individuals
+designated by the hyphen.
+
+=item *
+
+The uppercase version of the letter designates everyone.
+
+=back
+
+For example, the flags C<SOmar> on a group entry indicate that anyone can
+examine the group's entry and display the groups that it owns, and that
+only the group's members can display, add, or remove its members.
+
+The default privacy flags for user and machine entries are C<S---->,
+meaning that anyone can display the entry. The ability to perform any
+other functions is restricted to members of the system:administrators
+group and the entry's owner (as well as the user for a user entry).
+
+The default privacy flags for group entries are C<S-M-->, meaning that all
+users can display the entry and the members of the group, but only the
+entry owner and members of the system:administrators group can perform
+other functions. The defaults for the privacy flags may be changed by
+running B<ptserver> with the B<-default_access> option. See L<ptserver(8)>
+for more discussion of the B<-default_access> option.
+
+=item group quota
+
+The number of additional groups the user is allowed to create. The B<pts
+createuser> command sets it to 20 for both users and machines, but it has
+no meaningful interpretation for a machine, because it is not possible to
+authenticate as a machine. Similarly, it has no meaning in group entries
+that only deal with the local cell and the B<pts creategroup> command sets
+it to 0 (zero); do not change this value.
+
+When using cross-realm authentication, a special group of the form
+system:authuser@FOREIGN.REALM is created by an administrator and used. If
+the group quota for this special group is greater than zero, then aklog
+will automatically register foreign users in the local PTS database, add
+the foreign user to the system:authuser@FOREIGN.REALM, and decrement the
+group quota by one.
+
+=back
+
+=head1 EXAMPLES
+
+The following example displays the user entry for C<terry> and the machine
+entry C<158.12.105.44>.
+
+ % pts examine terry 158.12.105.44
+ Name: terry, id: 1045, owner: system:administrators, creator: admin,
+ membership: 9, flags: S----, group quota: 15.
+ Name: 158.12.105.44, id: 5151, owner: system:administrators,
+ creator: byu, membership: 1, flags: S----, group quota: 20.
+
+The following example displays the entries for the AFS groups with GIDs
+-673 and -674.
+
+ % pts examine -673 -674
+ Name: terry:friends, id: -673, owner: terry, creator: terry,
+ membership: 5, flags: S-M--, group quota: 0.
+ Name: smith:colleagues, id: -674, owner: smith, creator: smith,
+ membership: 14, flags: SOM--, group quota: 0.
+
+=head1 PRIVILEGE REQUIRED
+
+The required privilege depends on the setting of the first privacy flag in
+the Protection Database entry of each entry specified by the B<-nameorid>
+argument:
+
+=over 4
+
+=item *
+
+If it is lowercase C<s>, members of the system:administrators group and
+the user associated with a user entry can examine it, and only members of
+the system:administrators group can examine a machine or group entry.
+
+=item *
+
+If it is uppercase C<S>, anyone who can access the cell's database server
+machines can examine the entry.
+
+=back
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_adduser(1)>,
+L<pts_chown(1)>,
+L<pts_creategroup(1)>,
+L<pts_createuser(1)>,
+L<pts_listowned(1)>,
+L<pts_membership(1)>,
+L<pts_removeuser(1)>,
+L<pts_rename(1)>,
+L<pts_setfields(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_interactive - Enters interactive mode
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts interactive> S<<< [B<-cell>] <I<cell name>> >>> [B<-noauth>]
- [B<-auth>] [B<-localauth>] [B<-force>]
-
-B<pts in> S<<< [B<-c>] <I<cell name>> >>> [B<-n>] [B<-f>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts interactive> command allows the user to enter an interactive
-mode, useful for running bulk commands like creating new users or groups.
-
-B<pts interactive> uses the authentication state supplied on its command
-line to run all bulk commands. However, if a bulk command is supplied
-with authentication options such as B<-cell>, B<-localauth>, B<-auth>
-or B<-noauth> then it, and all subsequent bulk commands, will be run with
-those options.
-
-=head1 CAUTIONS
-
-Prior to OpenAFS 1.4.5 and OpenAFS 1.5.23, the B<pts interactive> command
-was only available on Unix or Linux and when OpenAFS was compiled with the
-supergroups option (disabled by default). As of OpenAFS 1.4.5 and 1.5.23,
-it is always available.
-
-Running bulk B<pts> commands may degrade the performance of the Protection
-Server while they are run and server resources may not be released
-immediately after commands are run. The B<pts sleep> command can be used
-in interactive mode or with B<pts source> to give the Protection Server a
-change to catch up.
-
-=head1 OPTIONS
-
-B<pts interactive> only takes the standard B<pts> options.
-
-=over 4
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-This is useful for bulk operations where you would like to continue even
-if one of many operations fails.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=back
-
-=head1 OUTPUT
-
-The output is the same as if each individual command were run from the
-command line.
-
-=head1 EXAMPLES
-
-Here is an example of a B<pts interactive> session:
-
- % pts interactive
- pts> examine admin
- Name: admin, id: 1, owner: system:administrators, creator: anonymous,
- membership: 2, flags: S----, group quota: 20.
- pts> help
- pts: Commands are:
- adduser add a user to a group
- apropos search by help text
- chown change ownership of a group
- creategroup create a new group
- createuser create a new user
- delete delete a user or group from database
- examine examine an entry
- help get help on commands
- interactive enter interactive mode
- listentries list users/groups in the protection database
- listmax list max id
- listowned list groups owned by an entry or zero id gets orphaned groups
- membership list membership of a user or group
- quit exit program
- removeuser remove a user from a group
- rename rename user or group
- setfields set fields for an entry
- setmax set max id
- sleep pause for a bit
- source read commands from file
- pts> quit
- %
-
-=head1 PRIVILEGE REQUIRED
-
-The same privilege is required to run the command in interactive mode as
-is required to run the command by itself on the command line. Some
-commands such as B<pts createuser> require that the user belong to the
-system:administrators group, while others do not.
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_quit(1)>,
-L<pts_sleep(1)>,
-L<pts_source(1)>,
-L<ptserver(8)>
-
-=head1 COPYRIGHT
-
-Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
-
-This documentation is covered by the BSD License as written in the
-doc/LICENSE file. This man page was written by Jason Edgecombe for
-OpenAFS.
--- /dev/null
+=head1 NAME
+
+pts_interactive - Enters interactive mode
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts interactive> S<<< [B<-cell>] <I<cell name>> >>> [B<-noauth>]
+ [B<-auth>] [B<-localauth>] [B<-force>]
+
+B<pts in> S<<< [B<-c>] <I<cell name>> >>> [B<-n>] [B<-f>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts interactive> command allows the user to enter an interactive
+mode, useful for running bulk commands like creating new users or groups.
+
+B<pts interactive> uses the authentication state supplied on its command
+line to run all bulk commands. However, if a bulk command is supplied
+with authentication options such as B<-cell>, B<-localauth>, B<-auth>
+or B<-noauth> then it, and all subsequent bulk commands, will be run with
+those options.
+
+=head1 CAUTIONS
+
+Prior to OpenAFS 1.4.5 and OpenAFS 1.5.23, the B<pts interactive> command
+was only available on Unix or Linux and when OpenAFS was compiled with the
+supergroups option (disabled by default). As of OpenAFS 1.4.5 and 1.5.23,
+it is always available.
+
+Running bulk B<pts> commands may degrade the performance of the Protection
+Server while they are run and server resources may not be released
+immediately after commands are run. The B<pts sleep> command can be used
+in interactive mode or with B<pts source> to give the Protection Server a
+change to catch up.
+
+=head1 OPTIONS
+
+B<pts interactive> only takes the standard B<pts> options.
+
+=over 4
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 OUTPUT
+
+The output is the same as if each individual command were run from the
+command line.
+
+=head1 EXAMPLES
+
+Here is an example of a B<pts interactive> session:
+
+ % pts interactive
+ pts> examine admin
+ Name: admin, id: 1, owner: system:administrators, creator: anonymous,
+ membership: 2, flags: S----, group quota: 20.
+ pts> help
+ pts: Commands are:
+ adduser add a user to a group
+ apropos search by help text
+ chown change ownership of a group
+ creategroup create a new group
+ createuser create a new user
+ delete delete a user or group from database
+ examine examine an entry
+ help get help on commands
+ interactive enter interactive mode
+ listentries list users/groups in the protection database
+ listmax list max id
+ listowned list groups owned by an entry or zero id gets orphaned groups
+ membership list membership of a user or group
+ quit exit program
+ removeuser remove a user from a group
+ rename rename user or group
+ setfields set fields for an entry
+ setmax set max id
+ sleep pause for a bit
+ source read commands from file
+ pts> quit
+ %
+
+=head1 PRIVILEGE REQUIRED
+
+The same privilege is required to run the command in interactive mode as
+is required to run the command by itself on the command line. Some
+commands such as B<pts createuser> require that the user belong to the
+system:administrators group, while others do not.
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_quit(1)>,
+L<pts_sleep(1)>,
+L<pts_source(1)>,
+L<ptserver(8)>
+
+=head1 COPYRIGHT
+
+Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
+
+This documentation is covered by the BSD License as written in the
+doc/LICENSE file. This man page was written by Jason Edgecombe for
+OpenAFS.
+++ /dev/null
-=head1 NAME
-
-pts_listentries - Displays all users or groups in the Protection Database
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts listentries> [B<-users>] [B<-groups>] S<<< [B<-cell> <I<cell name>>] >>>
- [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
-
-B<pts liste> [B<-u>] [B<-g>] S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>]
- [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts listentries> command displays the name and AFS ID of all
-Protection Database entries of the indicated type. It also displays the
-AFS ID of each entry's owner and creator.
-
-To display all user and machine entries, either include the B<-users> flag
-or omit both it and the B<-groups> flag. To display all group entries,
-include the B<-groups> flag. To display all entries, provide both flags.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-users>
-
-Displays user and machine entries.
-
-=item B<-groups>
-
-Displays group entries.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 OUTPUT
-
-The output includes a line for each entry, with information in four
-columns that have the following headers:
-
-=over 4
-
-=item Name
-
-The entry's name.
-
-=item ID
-
-The entry's AFS ID (AFS UID for a user or machine, negative AFS GID for a
-group).
-
-=item Owner
-
-The AFS ID of the user or group that owns the entry.
-
-=item Creator
-
-The AFS ID of the user who created the entry (the system:administrators
-group is listed as the creator of the entry for C<anonymous> and the
-system groups, but it is not otherwise possible for a group to create
-groups).
-
-=back
-
-In general, the entries appear in the order in which they were created.
-
-=head1 EXAMPLES
-
-The following example displays both user and group entries.
-
- % pts listentries -users -groups
- Name ID Owner Creator
- system:administrators -204 -204 -204
- system:anyuser -101 -204 -204
- system:authuser -102 -204 -204
- anonymous 32766 -204 -204
- admin 1 -204 32766
- pat 100 -204 1
- smith 101 -204 1
- pat:friends -206 100 100
- staff -207 -204 1
-
-=head1 PRIVILEGE REQUIRED
-
-The issuer must belong to the system:administrators group.
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_creategroup(1)>,
-L<pts_createuser(1)>,
-L<pts_examine(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_listentries - Displays all users or groups in the Protection Database
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts listentries> [B<-users>] [B<-groups>] S<<< [B<-cell> <I<cell name>>] >>>
+ [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
+
+B<pts liste> [B<-u>] [B<-g>] S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>]
+ [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts listentries> command displays the name and AFS ID of all
+Protection Database entries of the indicated type. It also displays the
+AFS ID of each entry's owner and creator.
+
+To display all user and machine entries, either include the B<-users> flag
+or omit both it and the B<-groups> flag. To display all group entries,
+include the B<-groups> flag. To display all entries, provide both flags.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-users>
+
+Displays user and machine entries.
+
+=item B<-groups>
+
+Displays group entries.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 OUTPUT
+
+The output includes a line for each entry, with information in four
+columns that have the following headers:
+
+=over 4
+
+=item Name
+
+The entry's name.
+
+=item ID
+
+The entry's AFS ID (AFS UID for a user or machine, negative AFS GID for a
+group).
+
+=item Owner
+
+The AFS ID of the user or group that owns the entry.
+
+=item Creator
+
+The AFS ID of the user who created the entry (the system:administrators
+group is listed as the creator of the entry for C<anonymous> and the
+system groups, but it is not otherwise possible for a group to create
+groups).
+
+=back
+
+In general, the entries appear in the order in which they were created.
+
+=head1 EXAMPLES
+
+The following example displays both user and group entries.
+
+ % pts listentries -users -groups
+ Name ID Owner Creator
+ system:administrators -204 -204 -204
+ system:anyuser -101 -204 -204
+ system:authuser -102 -204 -204
+ anonymous 32766 -204 -204
+ admin 1 -204 32766
+ pat 100 -204 1
+ smith 101 -204 1
+ pat:friends -206 100 100
+ staff -207 -204 1
+
+=head1 PRIVILEGE REQUIRED
+
+The issuer must belong to the system:administrators group.
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_creategroup(1)>,
+L<pts_createuser(1)>,
+L<pts_examine(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_listmax - Displays the max user id and max group id counters
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts listmax> S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>]
- [B<-force>] [B<-help>]
-
-B<pts listm> S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>] [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts listmax> command displays the values of the C<max user id> and
-C<max group id> counters, which the Protection Server uses to track the
-AFS user IDs (AFS UIDs) it allocates to new users or machines, and the AFS
-group IDs (AFS GIDs) it allocates to new groups, respectively. When an
-administrator next issues the B<pts createuser> command and does not
-include the B<-id> argument, the new user or machine receives an AFS UID
-one greater than the C<max user id> counter, and when a user issues the
-B<pts creategroup> command and does not include the B<-id> argument, the
-new group receives an AFS UID one less (more negative) than the C<max
-group id> counter.
-
-To reset one or both counters, members of the system:administrators group
-can issue the B<pts setmax> command.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 OUTPUT
-
-The command displays the counters in the following format:
-
- Max user id is <user_counter> and max group id is <group_counter>.
-
-=head1 EXAMPLES
-
-The following example displays the output of this command:
-
- % pts listmax
- Max user name is 1271 and max group id is -382.
-
-=head1 PRIVILEGE REQUIRED
-
-None
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_setmax(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_listmax - Displays the max user id and max group id counters
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts listmax> S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>]
+ [B<-force>] [B<-help>]
+
+B<pts listm> S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>] [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts listmax> command displays the values of the C<max user id> and
+C<max group id> counters, which the Protection Server uses to track the
+AFS user IDs (AFS UIDs) it allocates to new users or machines, and the AFS
+group IDs (AFS GIDs) it allocates to new groups, respectively. When an
+administrator next issues the B<pts createuser> command and does not
+include the B<-id> argument, the new user or machine receives an AFS UID
+one greater than the C<max user id> counter, and when a user issues the
+B<pts creategroup> command and does not include the B<-id> argument, the
+new group receives an AFS UID one less (more negative) than the C<max
+group id> counter.
+
+To reset one or both counters, members of the system:administrators group
+can issue the B<pts setmax> command.
+
+=head1 OPTIONS
+
+=over 4
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 OUTPUT
+
+The command displays the counters in the following format:
+
+ Max user id is <user_counter> and max group id is <group_counter>.
+
+=head1 EXAMPLES
+
+The following example displays the output of this command:
+
+ % pts listmax
+ Max user name is 1271 and max group id is -382.
+
+=head1 PRIVILEGE REQUIRED
+
+None
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_setmax(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_listowned - Show the Protection Database groups owned by a user or group
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts listowned> S<<< B<-nameorid> <I<user or group name or id>>+ >>>
- [-cell <I<cell name>>] [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
-
-B<pts listo> S<<< B<-na> <I<user or group name or id>>+ >>>
- [-c <I<cell name>>] [B<-no>] [B<-l>] [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts listowned> command lists the groups owned by each user or group
-specified by the B<-nameorid> argument.
-
-To list any I<orphaned group>s, whose owners have themselves been deleted
-from the Protection Database, provide a value of C<0> (zero) for the
-B<-nameorid> argument. To change the owner to a user or group that still
-exists, use the B<pts chown> command.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-nameorid> <I<user or group name or id>>+
-
-Specifies the name or AFS UID of each user, or the name or AFS GID of each
-group, for which to display the list of owned groups. It is acceptable to
-mix users and groups on the same command line, as well as names and
-IDs. Precede the GID of each group with a hyphen to indicate that it is
-negative.
-
-A value of 0 (zero) lists group entries for groups whose owners no longer
-have entries in the Protection Database.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 OUTPUT
-
-The first line of the output indicates the name and AFS UID or AFS GID of
-each user or group for which ownership information is requested, in the
-following format:
-
- Groups owned by <name> (id: <ID>) are:
-
-A list of groups follows. The list does not include groups owned by groups
-that the user or group owns, or to which the user or group belongs. If the
-user or group does not own any groups, only the header line appears.
-
-The following error message appears if the issuer is not privileged to
-view ownership information. By default, for both user and group entries
-the second privacy flag is the hyphen, which denies permission to anyone
-other than the user (for a user entry) and the members of the
-system:administrators group.
-
- pts: Permission denied so failed to get owner list for <name> (id: <ID>)
-
-=head1 EXAMPLES
-
-The following example lists the groups owned by user terry and shows that
-the group C<terry:friends> does not own any groups:
-
- % pts listowned terry terry:friends
- Groups owned by terry (id: 1045) are:
- terry:friends
- terry:project1
- terry:project2
- Groups owned by terry:friends (id: -673) are:
-
-=head1 PRIVILEGE REQUIRED
-
-The required privilege depends on the setting of the second privacy flag
-in the Protection Database entry of each user or group indicated by the
-B<-nameorid> argument (use the B<pts examine> command to display the
-flags):
-
-=over 4
-
-=item *
-
-If it is the hyphen and the B<-nameorid> argument specifies a group, only
-the members of the system:administrators group and the owner of a group
-can list the groups it owns.
-
-=item *
-
-If it is the hyphen and the B<-nameorid> argument specifies a user, only
-the members of the system:administrators group and the associated user can
-list the groups he or she owns.
-
-=item *
-
-If it is uppercase letter C<O>, anyone who can access the cell's database
-server machines can list the groups owned by this user or group.
-
-=back
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_chown(1)>,
-L<pts_examine(1)>,
-L<pts_setfields(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_listowned - Show the Protection Database groups owned by a user or group
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts listowned> S<<< B<-nameorid> <I<user or group name or id>>+ >>>
+ [-cell <I<cell name>>] [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
+
+B<pts listo> S<<< B<-na> <I<user or group name or id>>+ >>>
+ [-c <I<cell name>>] [B<-no>] [B<-l>] [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts listowned> command lists the groups owned by each user or group
+specified by the B<-nameorid> argument.
+
+To list any I<orphaned group>s, whose owners have themselves been deleted
+from the Protection Database, provide a value of C<0> (zero) for the
+B<-nameorid> argument. To change the owner to a user or group that still
+exists, use the B<pts chown> command.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-nameorid> <I<user or group name or id>>+
+
+Specifies the name or AFS UID of each user, or the name or AFS GID of each
+group, for which to display the list of owned groups. It is acceptable to
+mix users and groups on the same command line, as well as names and
+IDs. Precede the GID of each group with a hyphen to indicate that it is
+negative.
+
+A value of 0 (zero) lists group entries for groups whose owners no longer
+have entries in the Protection Database.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 OUTPUT
+
+The first line of the output indicates the name and AFS UID or AFS GID of
+each user or group for which ownership information is requested, in the
+following format:
+
+ Groups owned by <name> (id: <ID>) are:
+
+A list of groups follows. The list does not include groups owned by groups
+that the user or group owns, or to which the user or group belongs. If the
+user or group does not own any groups, only the header line appears.
+
+The following error message appears if the issuer is not privileged to
+view ownership information. By default, for both user and group entries
+the second privacy flag is the hyphen, which denies permission to anyone
+other than the user (for a user entry) and the members of the
+system:administrators group.
+
+ pts: Permission denied so failed to get owner list for <name> (id: <ID>)
+
+=head1 EXAMPLES
+
+The following example lists the groups owned by user terry and shows that
+the group C<terry:friends> does not own any groups:
+
+ % pts listowned terry terry:friends
+ Groups owned by terry (id: 1045) are:
+ terry:friends
+ terry:project1
+ terry:project2
+ Groups owned by terry:friends (id: -673) are:
+
+=head1 PRIVILEGE REQUIRED
+
+The required privilege depends on the setting of the second privacy flag
+in the Protection Database entry of each user or group indicated by the
+B<-nameorid> argument (use the B<pts examine> command to display the
+flags):
+
+=over 4
+
+=item *
+
+If it is the hyphen and the B<-nameorid> argument specifies a group, only
+the members of the system:administrators group and the owner of a group
+can list the groups it owns.
+
+=item *
+
+If it is the hyphen and the B<-nameorid> argument specifies a user, only
+the members of the system:administrators group and the associated user can
+list the groups he or she owns.
+
+=item *
+
+If it is uppercase letter C<O>, anyone who can access the cell's database
+server machines can list the groups owned by this user or group.
+
+=back
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_chown(1)>,
+L<pts_examine(1)>,
+L<pts_setfields(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_membership - Displays the membership list for a user or group
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts membership> S<<< B<-nameorid> <I<user or group name or id>>+ >>>
- [B<-supergroups>] [B<-expandgroups>] S<<< [B<-cell> <I<cell name>>] >>>
- [B<-localauth>] [B<-noauth>] [B<-force>] [B<-help>]
-
-B<pts m> S<<< B<-na> <I<user or group name or id>>+ >>>
- [B<-s>] [B<-ex>] S<<< [B<-c> <I<cell name>>] >>>
- [B<-no>] [B<-l>] [B<-f>] [B<-h>]
-
-B<pts groups> S<<< B<-na> <I<user or group name or id>>+ >>>
- [B<-s>] [B<-ex>] S<<< [B<-c> <I<cell name>>] >>>
- [B<-no>] [B<-l>] [B<-f>] [B<-h>]
-
-B<pts g> S<<< B<-na> <I<user or group name or id>>+ >>>
- [B<-s>] [B<-ex>] S<<< [B<-c> <I<cell name>>] >>>
- [B<-no>] [B<-l>] [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts membership> command lists the groups to which each user or
-machine specified by the B<-nameorid> argument belongs, or lists the users
-and machines that belong to each group specified by the B<-nameorid>
-argument.
-
-It is not possible to list the members of the system:anyuser or
-system:authuser groups, and they do not appear in the list of groups to
-which a user belongs.
-
-To add users or machine to groups, use the B<pts adduser> command; to remove
-them, use the B<pts removeuser> command.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-nameorid> <I<user or group name or id>>+
-
-Specifies the name or AFS UID of each user entry, the IP address (complete
-or wildcard-style) or AFS UID of each machine entry, or the name or AFS
-GID of each group, for which to list group membership. It is acceptable to
-mix users, machines, and groups on the same command line, as well as names
-and IDs. Precede the GID of each group with a hyphen to indicate that it
-is negative.
-
-=item B<-supergroups>
-
-List the groups to which each group specified by the B<-nameorid>
-argument belongs, in addition to user and machine members. Group
-membership may be nested when B<ptserver> is compilied with the
-SUPERGROUPS option enabled.
-
-=item B<-expandgroups>
-
-Instead of listing only the groups in which the user or machine is a direct
-member, list every group in which the user or machine belongs, including
-membership due to nested groups, for each user or machine specified by
-the B<-nameorid> argument.
-
-Instead of listing groups which are members of a group, list every user and
-machine which is a member of a group, including the users and machines which
-are members due to nested groups, for each group specified by the B<-nameorid>
-argument.
-
-Group membership may be nested when B<ptserver> is compilied with the
-SUPERGROUPS option enabled.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 OUTPUT
-
-For each user and machine, the output begins with the following header
-line, followed by a list of the groups to which the user or machine
-belongs:
-
- Groups <name> (id: <AFS UID>) is a member of:
-
-For each group, the output begins with the following header line, followed
-by a list of the users and machines who belong to the group:
-
- Members of <group_name> (id: <AFS GID>) are:
-
-=head1 EXAMPLES
-
-The following example lists the groups to which the user C<pat> belongs
-and the members of the group C<smith:friends>. Note that third privacy
-flag for the C<pat> entry was changed from the default hyphen to enable a
-non-administrative user to obtain this listing.
-
- % pts membership pat smith:friends
- Groups pat (id: 1144) is a member of:
- smith:friends
- staff
- johnson:project-team
- Members of smith:friends (id: -562) are:
- pat
- terry
- jones
- richard
- thompson
-
-The following example shows how to list the groups to which nested groups
-belong. In this example the group C<executives> is a member of the group
-C<management> and the group C<management> is a member of the group C<staff>.
-The group C<management> is called a supergroup of the group C<executives> and the
-group C<staff> is called a supergroup of the group C<management>.
-
- % pts membership executives
- Members of executives (id: -208) are:
- jane
-
- % pts membership executives -supergroups
- Members of executives (id: -208) are:
- jane
- Groups executives (id: -208) is a member of:
- management
-
- % pts membership management -supergroups
- Members of management (id: -207) are:
- executives
- mary
- sarah
- carol
- Groups management (id: -207) is a member of:
- staff
-
- % pts membership staff -supergroups
- Members of staff (id: -206) are:
- sales
- marketing
- engineering
- management
- Groups staff (id: -206) is a member of:
-
-The following example shows how to find all the users which belong
-to a group, including users of nested groups. In this example, the
-user C<jane> is listed as an expanded member of the group C<management>
-instead of the group C<executives>.
-
- % pts membership management -expandgroups
- Expanded Members of management (id: -207) are:
- jane
- mary
- sarah
- carol
-
-The following example shows how to find all the groups a user
-is a member of, including membership due to nested groups. In
-this example the user C<jane> is a direct member of the group
-C<executives>. The C<-expandgroups> flag shows all the groups
-to which C<jane> has membership status.
-
- % pts membership jane
- Groups jane (id: 7) is a member of:
- executives
-
- % pts membership jane -expandgroups
- Expanded Groups jane (id: 7) is a member of:
- staff
- management
- executives
-
-=head1 PRIVILEGE REQUIRED
-
-Members of the system:ptsviewers and system:administrators groups can
-always use this command in any of its variations. Additionally, a user
-can always list the groups to which they belong, and the owner of a group
-can always list the members of the group.
-
-Additional privileges may be granted by the setting of the third privacy
-flag in the Protection Database entry of each user or group indicated by
-the B<-nameorid> argument (use the B<pts examine> command to display the
-flags):
-
-=over 4
-
-=item *
-
-If it is a hyphen, the default permissions described above apply.
-
-=item *
-
-If it is lowercase C<m> and the B<-nameorid> argument specifies a group,
-then members of that group can also list the other members. A privacy
-flag of C<m> only changes the permissions when set for a group. Setting
-this flag for a user or a machine has no effect.
-
-=item *
-
-If it is uppercase C<M>, anyone who can access the cell's database server
-machines can list the membership of the group or the groups to which that
-user or machine belongs, depending on what type of entry the flag is set
-on.
-
-=back
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_adduser(1)>,
-L<pts_examine(1)>,
-L<pts_removeuser(1)>,
-L<pts_setfields(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_membership - Displays the membership list for a user or group
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts membership> S<<< B<-nameorid> <I<user or group name or id>>+ >>>
+ [B<-supergroups>] [B<-expandgroups>] S<<< [B<-cell> <I<cell name>>] >>>
+ [B<-localauth>] [B<-noauth>] [B<-force>] [B<-help>]
+
+B<pts m> S<<< B<-na> <I<user or group name or id>>+ >>>
+ [B<-s>] [B<-ex>] S<<< [B<-c> <I<cell name>>] >>>
+ [B<-no>] [B<-l>] [B<-f>] [B<-h>]
+
+B<pts groups> S<<< B<-na> <I<user or group name or id>>+ >>>
+ [B<-s>] [B<-ex>] S<<< [B<-c> <I<cell name>>] >>>
+ [B<-no>] [B<-l>] [B<-f>] [B<-h>]
+
+B<pts g> S<<< B<-na> <I<user or group name or id>>+ >>>
+ [B<-s>] [B<-ex>] S<<< [B<-c> <I<cell name>>] >>>
+ [B<-no>] [B<-l>] [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts membership> command lists the groups to which each user or
+machine specified by the B<-nameorid> argument belongs, or lists the users
+and machines that belong to each group specified by the B<-nameorid>
+argument.
+
+It is not possible to list the members of the system:anyuser or
+system:authuser groups, and they do not appear in the list of groups to
+which a user belongs.
+
+To add users or machine to groups, use the B<pts adduser> command; to remove
+them, use the B<pts removeuser> command.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-nameorid> <I<user or group name or id>>+
+
+Specifies the name or AFS UID of each user entry, the IP address (complete
+or wildcard-style) or AFS UID of each machine entry, or the name or AFS
+GID of each group, for which to list group membership. It is acceptable to
+mix users, machines, and groups on the same command line, as well as names
+and IDs. Precede the GID of each group with a hyphen to indicate that it
+is negative.
+
+=item B<-supergroups>
+
+List the groups to which each group specified by the B<-nameorid>
+argument belongs, in addition to user and machine members. Group
+membership may be nested when B<ptserver> is compilied with the
+SUPERGROUPS option enabled.
+
+=item B<-expandgroups>
+
+Instead of listing only the groups in which the user or machine is a direct
+member, list every group in which the user or machine belongs, including
+membership due to nested groups, for each user or machine specified by
+the B<-nameorid> argument.
+
+Instead of listing groups which are members of a group, list every user and
+machine which is a member of a group, including the users and machines which
+are members due to nested groups, for each group specified by the B<-nameorid>
+argument.
+
+Group membership may be nested when B<ptserver> is compilied with the
+SUPERGROUPS option enabled.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 OUTPUT
+
+For each user and machine, the output begins with the following header
+line, followed by a list of the groups to which the user or machine
+belongs:
+
+ Groups <name> (id: <AFS UID>) is a member of:
+
+For each group, the output begins with the following header line, followed
+by a list of the users and machines who belong to the group:
+
+ Members of <group_name> (id: <AFS GID>) are:
+
+=head1 EXAMPLES
+
+The following example lists the groups to which the user C<pat> belongs
+and the members of the group C<smith:friends>. Note that third privacy
+flag for the C<pat> entry was changed from the default hyphen to enable a
+non-administrative user to obtain this listing.
+
+ % pts membership pat smith:friends
+ Groups pat (id: 1144) is a member of:
+ smith:friends
+ staff
+ johnson:project-team
+ Members of smith:friends (id: -562) are:
+ pat
+ terry
+ jones
+ richard
+ thompson
+
+The following example shows how to list the groups to which nested groups
+belong. In this example the group C<executives> is a member of the group
+C<management> and the group C<management> is a member of the group C<staff>.
+The group C<management> is called a supergroup of the group C<executives> and the
+group C<staff> is called a supergroup of the group C<management>.
+
+ % pts membership executives
+ Members of executives (id: -208) are:
+ jane
+
+ % pts membership executives -supergroups
+ Members of executives (id: -208) are:
+ jane
+ Groups executives (id: -208) is a member of:
+ management
+
+ % pts membership management -supergroups
+ Members of management (id: -207) are:
+ executives
+ mary
+ sarah
+ carol
+ Groups management (id: -207) is a member of:
+ staff
+
+ % pts membership staff -supergroups
+ Members of staff (id: -206) are:
+ sales
+ marketing
+ engineering
+ management
+ Groups staff (id: -206) is a member of:
+
+The following example shows how to find all the users which belong
+to a group, including users of nested groups. In this example, the
+user C<jane> is listed as an expanded member of the group C<management>
+instead of the group C<executives>.
+
+ % pts membership management -expandgroups
+ Expanded Members of management (id: -207) are:
+ jane
+ mary
+ sarah
+ carol
+
+The following example shows how to find all the groups a user
+is a member of, including membership due to nested groups. In
+this example the user C<jane> is a direct member of the group
+C<executives>. The C<-expandgroups> flag shows all the groups
+to which C<jane> has membership status.
+
+ % pts membership jane
+ Groups jane (id: 7) is a member of:
+ executives
+
+ % pts membership jane -expandgroups
+ Expanded Groups jane (id: 7) is a member of:
+ staff
+ management
+ executives
+
+=head1 PRIVILEGE REQUIRED
+
+Members of the system:ptsviewers and system:administrators groups can
+always use this command in any of its variations. Additionally, a user
+can always list the groups to which they belong, and the owner of a group
+can always list the members of the group.
+
+Additional privileges may be granted by the setting of the third privacy
+flag in the Protection Database entry of each user or group indicated by
+the B<-nameorid> argument (use the B<pts examine> command to display the
+flags):
+
+=over 4
+
+=item *
+
+If it is a hyphen, the default permissions described above apply.
+
+=item *
+
+If it is lowercase C<m> and the B<-nameorid> argument specifies a group,
+then members of that group can also list the other members. A privacy
+flag of C<m> only changes the permissions when set for a group. Setting
+this flag for a user or a machine has no effect.
+
+=item *
+
+If it is uppercase C<M>, anyone who can access the cell's database server
+machines can list the membership of the group or the groups to which that
+user or machine belongs, depending on what type of entry the flag is set
+on.
+
+=back
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_adduser(1)>,
+L<pts_examine(1)>,
+L<pts_removeuser(1)>,
+L<pts_setfields(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_quit - Exit from pts interactive mode
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts quit> S<<< [B<-cell>] <I<cell name>> >>> [B<-noauth>] [B<-localauth>]
- [B<-force>]
-
-B<pts q> S<<< [B<-c>] <I<cell name>> >>> [B<-n>] [B<-l>] [B<-f>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts quit> command exits from B<pts interactive> mode. The command
-can be run from the command line or interactively, but on the command line
-it does nothing and is therefore of questionable utility.
-
-=head1 CAUTIONS
-
-Prior to OpenAFS 1.4.5 and OpenAFS 1.5.23, the B<pts quit> command was
-only available on Unix or Linux and when OpenAFS was compiled with the
-supergroups option (disabled by default). As of OpenAFS 1.4.5 and 1.5.23,
-it is always available.
-
-=head1 OPTIONS
-
-Although they have no effect, B<pts quit> takes the following standard
-B<pts> options:
-
-=over 4
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=back
-
-=head1 OUTPUT
-
-This command produces no output.
-
-=head1 EXAMPLES
-
-Here is an example of a B<pts interactive> session:
-
- % pts interactive
- pts> quit
- %
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_interactive(1)>
-
-=head1 COPYRIGHT
-
-Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
-
-This documentation is covered by the BSD License as written in the
-doc/LICENSE file. This man page was written by Jason Edgecombe for
-OpenAFS.
--- /dev/null
+=head1 NAME
+
+pts_quit - Exit from pts interactive mode
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts quit> S<<< [B<-cell>] <I<cell name>> >>> [B<-noauth>] [B<-localauth>]
+ [B<-force>]
+
+B<pts q> S<<< [B<-c>] <I<cell name>> >>> [B<-n>] [B<-l>] [B<-f>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts quit> command exits from B<pts interactive> mode. The command
+can be run from the command line or interactively, but on the command line
+it does nothing and is therefore of questionable utility.
+
+=head1 CAUTIONS
+
+Prior to OpenAFS 1.4.5 and OpenAFS 1.5.23, the B<pts quit> command was
+only available on Unix or Linux and when OpenAFS was compiled with the
+supergroups option (disabled by default). As of OpenAFS 1.4.5 and 1.5.23,
+it is always available.
+
+=head1 OPTIONS
+
+Although they have no effect, B<pts quit> takes the following standard
+B<pts> options:
+
+=over 4
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 OUTPUT
+
+This command produces no output.
+
+=head1 EXAMPLES
+
+Here is an example of a B<pts interactive> session:
+
+ % pts interactive
+ pts> quit
+ %
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_interactive(1)>
+
+=head1 COPYRIGHT
+
+Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
+
+This documentation is covered by the BSD License as written in the
+doc/LICENSE file. This man page was written by Jason Edgecombe for
+OpenAFS.
+++ /dev/null
-=head1 NAME
-
-pts_removeuser - Removes a user from a Protection Database group
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts removeuser> S<<< B<-user> <I<user name>>+ >>> S<<< B<-group> <I<group name>>+ >>>
- S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>]
- [B<-help>]
-
-B<pts rem> S<<< B<-u> <I<user name>>+ >>> S<<< B<-g> <I<group name>>+ >>>
- S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>] [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts removeuser> command removes each user or machine named by the
-B<-user> argument from each group named by the B<-group> argument.
-
-To add users to a group, use the B<pts adduser> command. To list group
-membership, use the B<pts membership> command. To remove users from a
-group and delete the group's entry completely in a single step, use the
-B<pts delete> command.
-
-=head1 CAUTIONS
-
-AFS compiles each user's group membership as he or she authenticates. Any
-users who have valid tokens when they are removed from a group retain the
-privileges extended to that group's members until they discard their
-tokens or reauthenticate.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-name> <I<user name>>+
-
-Specifies the name of each user entry or the IP address (complete or
-wildcard-style) of each machine entry to remove.
-
-=item B<-group> <I<group name>>+
-
-Names each group from which to remove members.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 EXAMPLES
-
-The following example removes user smith from the groups C<staff> and
-C<staff:finance>. Note that no switch names are necessary because only a
-single instance is provided for the first argument (the username).
-
- % pts removeuser smith staff staff:finance
-
-The following example removes three machine entries, which represent all
-machines in the ABC Corporation network, from the group C<bin-prot>:
-
- % pts removeuser -user 138.255.0.0 192.12.105.0 192.12.106.0 -group bin-prot
-
-=head1 PRIVILEGE REQUIRED
-
-The required privilege depends on the setting of the fifth privacy flag in
-the Protection Database for the group named by the B<-group> argument (use
-the B<pts examine> command to display the flags):
-
-=over 4
-
-=item *
-
-If it is the hyphen, only the group's owner and members of the
-system:administrators group can remove members.
-
-=item *
-
-If it is lowercase C<r>, members of the group can also remove other
-members.
-
-=back
-
-(It is not possible to set the fifth flag to uppercase C<R>.)
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_adduser(1)>,
-L<pts_examine(1)>,
-L<pts_membership(1)>,
-L<pts_setfields(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_removeuser - Removes a user from a Protection Database group
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts removeuser> S<<< B<-user> <I<user name>>+ >>> S<<< B<-group> <I<group name>>+ >>>
+ S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>]
+ [B<-help>]
+
+B<pts rem> S<<< B<-u> <I<user name>>+ >>> S<<< B<-g> <I<group name>>+ >>>
+ S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>] [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts removeuser> command removes each user or machine named by the
+B<-user> argument from each group named by the B<-group> argument.
+
+To add users to a group, use the B<pts adduser> command. To list group
+membership, use the B<pts membership> command. To remove users from a
+group and delete the group's entry completely in a single step, use the
+B<pts delete> command.
+
+=head1 CAUTIONS
+
+AFS compiles each user's group membership as he or she authenticates. Any
+users who have valid tokens when they are removed from a group retain the
+privileges extended to that group's members until they discard their
+tokens or reauthenticate.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-name> <I<user name>>+
+
+Specifies the name of each user entry or the IP address (complete or
+wildcard-style) of each machine entry to remove.
+
+=item B<-group> <I<group name>>+
+
+Names each group from which to remove members.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 EXAMPLES
+
+The following example removes user smith from the groups C<staff> and
+C<staff:finance>. Note that no switch names are necessary because only a
+single instance is provided for the first argument (the username).
+
+ % pts removeuser smith staff staff:finance
+
+The following example removes three machine entries, which represent all
+machines in the ABC Corporation network, from the group C<bin-prot>:
+
+ % pts removeuser -user 138.255.0.0 192.12.105.0 192.12.106.0 -group bin-prot
+
+=head1 PRIVILEGE REQUIRED
+
+The required privilege depends on the setting of the fifth privacy flag in
+the Protection Database for the group named by the B<-group> argument (use
+the B<pts examine> command to display the flags):
+
+=over 4
+
+=item *
+
+If it is the hyphen, only the group's owner and members of the
+system:administrators group can remove members.
+
+=item *
+
+If it is lowercase C<r>, members of the group can also remove other
+members.
+
+=back
+
+(It is not possible to set the fifth flag to uppercase C<R>.)
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_adduser(1)>,
+L<pts_examine(1)>,
+L<pts_membership(1)>,
+L<pts_setfields(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_rename - Changes the name of a Protection Database entry
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts rename> S<<< B<-oldname> <I<old name>> >>> S<<< B<-newname> <I<new name>> >>>
- S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>]
- [B<-force>] [B<-help>]
-
-B<pts ren> S<<< B<-o> <I<old name>> >>> S<<< B<-ne> <I<new name>> >>> S<<< [B<-c> <I<cell name>>] >>>
- [B<-no>] [B<-l>] [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts rename> command changes the name of the user, machine, or group
-entry specified by the B<-oldname> argument to the name specified by the
-B<-newname> argument. It is not possible to change a user or machine
-entry's name to look like a regular group entry's name (have a colon in
-it).
-
-Members of the system:administrators group can change a regular group name
-into a prefix-less name and vice versa. When changing a prefix-less group
-name into a regular group name or a regular group name to another regular
-group name, the owner field of the new name (the part before the colon)
-must correctly reflect the group's owner.
-
-Changing a regular group's owner with the B<pts chown> command
-automatically changes the owner field (the part before the colon) of the
-group's name, but does not change the owner field of any groups owned by
-the group. Use this command to rename those groups to a form that
-accurately reflects their ownership.
-
-=head1 CAUTIONS
-
-By convention, many aspects of an AFS user account have the same name as
-the user's Protection Database entry, including the Authentication
-Database entry, volume, and mount point. When using this command to change
-a user name, also change the names of all related entities to maintain
-consistency. For instructions, see the chapter on user accounts in the
-I<OpenAFS Administration Guide>.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-oldname> <I<old name>>
-
-Specifies the current full name of the entry.
-
-=item B<-newname> <I<new name>>
-
-Specifies the new full name for the entry. For regular groups, the owner
-field (the part before the colon) of the new name must reflect the actual
-ownership of the group.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 EXAMPLES
-
-The following example changes the name of the group staff, owned by the
-privileged user C<admin>, to C<admin:staff>:
-
- % pts rename -oldname staff -newname admin:staff
-
-The following example changes the name of the group C<admin:finance> to
-the group C<finance>. The issuer must belong to the system:administrators
-group.
-
- % pts rename -oldname admin:finance -newname finance
-
-=head1 PRIVILEGE REQUIRED
-
-To change a regular group name to a prefix-less name or vice versa, or to
-change a user or machine entry's name, the issuer must belong to the
-system:administrators group.
-
-To change a group name to a new name of the same type (regular or
-prefix-less), the issuer must own the group or belong to the
-system:administrators group.
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_chown(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_rename - Changes the name of a Protection Database entry
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts rename> S<<< B<-oldname> <I<old name>> >>> S<<< B<-newname> <I<new name>> >>>
+ S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>]
+ [B<-force>] [B<-help>]
+
+B<pts ren> S<<< B<-o> <I<old name>> >>> S<<< B<-ne> <I<new name>> >>> S<<< [B<-c> <I<cell name>>] >>>
+ [B<-no>] [B<-l>] [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts rename> command changes the name of the user, machine, or group
+entry specified by the B<-oldname> argument to the name specified by the
+B<-newname> argument. It is not possible to change a user or machine
+entry's name to look like a regular group entry's name (have a colon in
+it).
+
+Members of the system:administrators group can change a regular group name
+into a prefix-less name and vice versa. When changing a prefix-less group
+name into a regular group name or a regular group name to another regular
+group name, the owner field of the new name (the part before the colon)
+must correctly reflect the group's owner.
+
+Changing a regular group's owner with the B<pts chown> command
+automatically changes the owner field (the part before the colon) of the
+group's name, but does not change the owner field of any groups owned by
+the group. Use this command to rename those groups to a form that
+accurately reflects their ownership.
+
+=head1 CAUTIONS
+
+By convention, many aspects of an AFS user account have the same name as
+the user's Protection Database entry, including the Authentication
+Database entry, volume, and mount point. When using this command to change
+a user name, also change the names of all related entities to maintain
+consistency. For instructions, see the chapter on user accounts in the
+I<OpenAFS Administration Guide>.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-oldname> <I<old name>>
+
+Specifies the current full name of the entry.
+
+=item B<-newname> <I<new name>>
+
+Specifies the new full name for the entry. For regular groups, the owner
+field (the part before the colon) of the new name must reflect the actual
+ownership of the group.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 EXAMPLES
+
+The following example changes the name of the group staff, owned by the
+privileged user C<admin>, to C<admin:staff>:
+
+ % pts rename -oldname staff -newname admin:staff
+
+The following example changes the name of the group C<admin:finance> to
+the group C<finance>. The issuer must belong to the system:administrators
+group.
+
+ % pts rename -oldname admin:finance -newname finance
+
+=head1 PRIVILEGE REQUIRED
+
+To change a regular group name to a prefix-less name or vice versa, or to
+change a user or machine entry's name, the issuer must belong to the
+system:administrators group.
+
+To change a group name to a new name of the same type (regular or
+prefix-less), the issuer must own the group or belong to the
+system:administrators group.
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_chown(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_setfields - Sets privacy flags or quota for a Protection Database entry
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts setfields> S<<< B<-nameorid> <I<user or group name or id>>+ >>>
- S<<< [B<-access> <I<set privacy flags>>] >>>
- S<<< [B<-groupquota> <I<set limit on group creation>>] >>>
- S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>]
- [B<-force>] [B<-help>]
-
-B<pts setf> S<<< B<-na> <I<user or group name or id>>+ >>>
- S<<< [B<-a> <I<set privacy flags>>] >>>
- S<<< [B<-g> <I<set limit on group creation>>] >>> S<<< [B<-c> <I<cell name>>] >>>
- [B<-no>] [B<-l>] [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts setfields> command sets the group-creation quota, the privacy
-flags, or both, associated with each user, machine, or group entry
-specified by the B<-nameorid> argument.
-
-To examine the current quota and privacy flags, use the B<pts examine>
-command.
-
-=head1 CAUTIONS
-
-Changing a machine or group's group-creation quota is allowed, but not
-recommended. The concept is meaningless for machines and groups, because
-it is impossible to authenticate as a group or machine.
-
-Similarly, some privacy flag settings do not have a sensible
-interpretation. L<OPTIONS> specifies the appropriate settings.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-nameorid> <I<user or group name or id>>+
-
-Specifies the name or AFS UID of each user, the IP address (complete or
-wildcard-style) of each machine, or the name or AFS GID of each machine
-for which to set privacy flags or group-creation quota. It is acceptable
-to mix users, machines, and groups on the same command line, as well as
-names (IP addresses for machines) and IDs. Precede the GID of each group
-with a hyphen to indicate that it is negative.
-
-=item B<-access> <I<privacy flags>>
-
-Specifies the privacy flags to apply to each entry. Provide a string of
-five characters, one for each of the permissions. If this option is
-omitted, the current setting remains unchanged.
-
-Set each flag to achieve the desired combination of permissions. If the
-following list does not mention a certain setting, it is not
-acceptable. For further discussion of the privacy flags, see
-L<pts_examine(1)>.
-
-=over 4
-
-=item *
-
-The first flag determines who can use the B<pts examine> command to
-display information from a user, machine or group's Protection Database
-entry.
-
-=over 4
-
-=item *
-
-Set it to lowercase C<s> to permit the members of the
-system:administrators group to display a user, machine, or group entry,
-the associated user to display a user entry, and the owner or members of a
-group to display the group entry.
-
-=item *
-
-Set it to uppercase C<S> to permit anyone who can access the cell's
-database server machines to display a user, machine, or group entry.
-
-=back
-
-=item *
-
-The second flag determines who can use the B<pts listowned> command to
-list the groups that a user or group owns.
-
-=over 4
-
-=item *
-
-Set it to the hyphen (C<->) to permit the members of the
-system:administrators group and a user to list the groups he or she owns,
-or to permit the members of the system:administrators group and a group's
-owner to list the groups that a group owns.
-
-=item *
-
-Set it to uppercase letter C<O> to permit anyone who can access the cell's
-database server machines to list the groups owned by a machine or group
-entry.
-
-=back
-
-=item *
-
-The third flag determines who can use the B<pts membership> command to
-list the groups to which a user or machine belongs, or the users and
-machines that belong to a group.
-
-=over 4
-
-=item *
-
-Set it to the hyphen (C<->) to permit the members of the
-system:administrators group and a user to list the groups he or she
-belongs to, to permit the members of the B<system:administrators> group to
-list the groups a machine belongs to, or to permit the members of the
-system:administrators group and a group's owner to list the users and
-machines that belong to it.
-
-=item *
-
-Set it to lowercase C<m> to permit members of a group to list the other
-members. (For user and machine entries, this setting is equivalent to the
-hyphen.)
-
-=item *
-
-Set it to uppercase C<M> to permit anyone who can access the cell's
-database server machines to list membership information for a user,
-machine or group.
-
-=back
-
-=item *
-
-The fourth flag determines who can use the B<pts adduser> command to add
-users and machines as members of a group. This flag has no sensible
-interpretation for user and machine entries, but must be set nonetheless,
-preferably to the hyphen.
-
-=over 4
-
-=item *
-
-Set it to the hyphen (C<->) to permit the members of the
-system:administrators group and the owner of the group to add members.
-
-=item *
-
-Set it to lowercase C<a> to permit members of a group to add other
-members.
-
-=item *
-
-Set it to uppercase C<A> to permit anyone who can access the cell's
-database server machines to add members to a group.
-
-=back
-
-=item *
-
-The fifth flag determines who can use the B<pts removeuser> command to
-remove users and machines from membership in a group. This flag has no
-sensible interpretation for user and machine entries, but must be set
-nonetheless, preferably to the hyphen.
-
-=over 4
-
-=item *
-
-Set it to the hyphen (C<->) to permit the members of the
-system:administrators group and the owner of the group to remove members.
-
-=item *
-
-Set it to lowercase C<r> to permit members of a group to remove other
-members.
-
-=back
-
-=back
-
-=item B<-groupquota> <I<group creation quota>>
-
-Specifies the number of additional groups a user can create (it does not
-matter how many he or she has created already). Do not include this
-argument for a group or machine entry.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 EXAMPLES
-
-The following example changes the privacy flags on the group C<operators>,
-retaining the default values of the first, second and third flags, but
-setting the fourth and fifth flags to enable the group's members to add
-and remove other members.
-
- % pts setfields -nameorid operators -access S-Mar
-
-The following example changes the privacy flags and sets group quota on
-the user entry C<admin>. It retains the default values of the first,
-fourth, and fifth flags, but sets the second and third flags, to enable
-anyone to list the groups that C<admin> owns and belongs to. Users
-authenticated as C<admin> can create an additional 50 groups.
-
- % pts setfields -nameorid admin -access SOM-- -groupquota 50
-
-=head1 PRIVILEGE REQUIRED
-
-To edit group entries or set the privacy flags on any type of entry, the
-issuer must own the entry or belong to the system:administrators group. To
-set group-creation quota on a user entry, the issuer must belong to the
-system:administrators group.
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_adduser(1)>,
-L<pts_examine(1)>,
-L<pts_listowned(1)>,
-L<pts_membership(1)>,
-L<pts_removeuser(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_setfields - Sets privacy flags or quota for a Protection Database entry
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts setfields> S<<< B<-nameorid> <I<user or group name or id>>+ >>>
+ S<<< [B<-access> <I<set privacy flags>>] >>>
+ S<<< [B<-groupquota> <I<set limit on group creation>>] >>>
+ S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>]
+ [B<-force>] [B<-help>]
+
+B<pts setf> S<<< B<-na> <I<user or group name or id>>+ >>>
+ S<<< [B<-a> <I<set privacy flags>>] >>>
+ S<<< [B<-g> <I<set limit on group creation>>] >>> S<<< [B<-c> <I<cell name>>] >>>
+ [B<-no>] [B<-l>] [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts setfields> command sets the group-creation quota, the privacy
+flags, or both, associated with each user, machine, or group entry
+specified by the B<-nameorid> argument.
+
+To examine the current quota and privacy flags, use the B<pts examine>
+command.
+
+=head1 CAUTIONS
+
+Changing a machine or group's group-creation quota is allowed, but not
+recommended. The concept is meaningless for machines and groups, because
+it is impossible to authenticate as a group or machine.
+
+Similarly, some privacy flag settings do not have a sensible
+interpretation. L<OPTIONS> specifies the appropriate settings.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-nameorid> <I<user or group name or id>>+
+
+Specifies the name or AFS UID of each user, the IP address (complete or
+wildcard-style) of each machine, or the name or AFS GID of each machine
+for which to set privacy flags or group-creation quota. It is acceptable
+to mix users, machines, and groups on the same command line, as well as
+names (IP addresses for machines) and IDs. Precede the GID of each group
+with a hyphen to indicate that it is negative.
+
+=item B<-access> <I<privacy flags>>
+
+Specifies the privacy flags to apply to each entry. Provide a string of
+five characters, one for each of the permissions. If this option is
+omitted, the current setting remains unchanged.
+
+Set each flag to achieve the desired combination of permissions. If the
+following list does not mention a certain setting, it is not
+acceptable. For further discussion of the privacy flags, see
+L<pts_examine(1)>.
+
+=over 4
+
+=item *
+
+The first flag determines who can use the B<pts examine> command to
+display information from a user, machine or group's Protection Database
+entry.
+
+=over 4
+
+=item *
+
+Set it to lowercase C<s> to permit the members of the
+system:administrators group to display a user, machine, or group entry,
+the associated user to display a user entry, and the owner or members of a
+group to display the group entry.
+
+=item *
+
+Set it to uppercase C<S> to permit anyone who can access the cell's
+database server machines to display a user, machine, or group entry.
+
+=back
+
+=item *
+
+The second flag determines who can use the B<pts listowned> command to
+list the groups that a user or group owns.
+
+=over 4
+
+=item *
+
+Set it to the hyphen (C<->) to permit the members of the
+system:administrators group and a user to list the groups he or she owns,
+or to permit the members of the system:administrators group and a group's
+owner to list the groups that a group owns.
+
+=item *
+
+Set it to uppercase letter C<O> to permit anyone who can access the cell's
+database server machines to list the groups owned by a machine or group
+entry.
+
+=back
+
+=item *
+
+The third flag determines who can use the B<pts membership> command to
+list the groups to which a user or machine belongs, or the users and
+machines that belong to a group.
+
+=over 4
+
+=item *
+
+Set it to the hyphen (C<->) to permit the members of the
+system:administrators group and a user to list the groups he or she
+belongs to, to permit the members of the B<system:administrators> group to
+list the groups a machine belongs to, or to permit the members of the
+system:administrators group and a group's owner to list the users and
+machines that belong to it.
+
+=item *
+
+Set it to lowercase C<m> to permit members of a group to list the other
+members. (For user and machine entries, this setting is equivalent to the
+hyphen.)
+
+=item *
+
+Set it to uppercase C<M> to permit anyone who can access the cell's
+database server machines to list membership information for a user,
+machine or group.
+
+=back
+
+=item *
+
+The fourth flag determines who can use the B<pts adduser> command to add
+users and machines as members of a group. This flag has no sensible
+interpretation for user and machine entries, but must be set nonetheless,
+preferably to the hyphen.
+
+=over 4
+
+=item *
+
+Set it to the hyphen (C<->) to permit the members of the
+system:administrators group and the owner of the group to add members.
+
+=item *
+
+Set it to lowercase C<a> to permit members of a group to add other
+members.
+
+=item *
+
+Set it to uppercase C<A> to permit anyone who can access the cell's
+database server machines to add members to a group.
+
+=back
+
+=item *
+
+The fifth flag determines who can use the B<pts removeuser> command to
+remove users and machines from membership in a group. This flag has no
+sensible interpretation for user and machine entries, but must be set
+nonetheless, preferably to the hyphen.
+
+=over 4
+
+=item *
+
+Set it to the hyphen (C<->) to permit the members of the
+system:administrators group and the owner of the group to remove members.
+
+=item *
+
+Set it to lowercase C<r> to permit members of a group to remove other
+members.
+
+=back
+
+=back
+
+=item B<-groupquota> <I<group creation quota>>
+
+Specifies the number of additional groups a user can create (it does not
+matter how many he or she has created already). Do not include this
+argument for a group or machine entry.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 EXAMPLES
+
+The following example changes the privacy flags on the group C<operators>,
+retaining the default values of the first, second and third flags, but
+setting the fourth and fifth flags to enable the group's members to add
+and remove other members.
+
+ % pts setfields -nameorid operators -access S-Mar
+
+The following example changes the privacy flags and sets group quota on
+the user entry C<admin>. It retains the default values of the first,
+fourth, and fifth flags, but sets the second and third flags, to enable
+anyone to list the groups that C<admin> owns and belongs to. Users
+authenticated as C<admin> can create an additional 50 groups.
+
+ % pts setfields -nameorid admin -access SOM-- -groupquota 50
+
+=head1 PRIVILEGE REQUIRED
+
+To edit group entries or set the privacy flags on any type of entry, the
+issuer must own the entry or belong to the system:administrators group. To
+set group-creation quota on a user entry, the issuer must belong to the
+system:administrators group.
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_adduser(1)>,
+L<pts_examine(1)>,
+L<pts_listowned(1)>,
+L<pts_membership(1)>,
+L<pts_removeuser(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_setmax - Sets the value of the max group id or max user id counter
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts setmax> S<<< [B<-group> <I<group max>>] >>> S<<< [B<-user> <I<user max>>] >>>
- S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
-
-B<pts setm> [B<-g> I<group max>>] S<<< [B<-u> <I<user max>>] >>>
- S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>] [B<-f>] [B<-h>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts setmax> command sets the value of one or both counters that
-track the IDs the Protection Server allocates to new users, machines, or
-groups: the C<max user id> counter for the AFS user IDs (AFS UIDs)
-assigned to users and machines, and the C<max group id> counter for the
-AFS group IDs (AFS GIDs) assigned to groups.
-
-Use the B<pts listmax> command to display the current value of both
-counters.
-
-=head1 OPTIONS
-
-=over 4
-
-=item B<-group> <I<group max>>
-
-Sets the C<max group id> counter. Precede the value with a hyphen to
-indicate that it is negative. When an administrator next uses the B<pts
-creategroup> command to create a group entry and does not include that
-command's B<-id> argument, the Protection Server assigns the group an AFS
-GID one less (more negative) than this value.
-
-=item B<-user> <I<user max>>
-
-Sets the C<max user id> counter. When an administrator next uses the B<pts
-createuser> command to create a user or machine entry and does not include
-that command's B<-id> argument, the Protection Server assigns the group an
-AFS UID one greater than this value.
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-help>
-
-Prints the online help for this command. All other valid options are
-ignored.
-
-=back
-
-=head1 EXAMPLES
-
-The following command sets the C<max group id> counter to -500 and the
-C<max user id> counter to 1000.
-
- % pts setmax -group -500 -user 1000
-
-=head1 PRIVILEGE REQUIRED
-
-The issuer must belong to the system:administrators group.
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_creategroup(1)>,
-L<pts_createuser(1)>,
-L<pts_listmax(1)>
-
-=head1 COPYRIGHT
-
-IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
-
-This documentation is covered by the IBM Public License Version 1.0. It was
-converted from HTML to POD by software written by Chas Williams and Russ
-Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
--- /dev/null
+=head1 NAME
+
+pts_setmax - Sets the value of the max group id or max user id counter
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts setmax> S<<< [B<-group> <I<group max>>] >>> S<<< [B<-user> <I<user max>>] >>>
+ S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
+
+B<pts setm> [B<-g> I<group max>>] S<<< [B<-u> <I<user max>>] >>>
+ S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>] [B<-f>] [B<-h>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts setmax> command sets the value of one or both counters that
+track the IDs the Protection Server allocates to new users, machines, or
+groups: the C<max user id> counter for the AFS user IDs (AFS UIDs)
+assigned to users and machines, and the C<max group id> counter for the
+AFS group IDs (AFS GIDs) assigned to groups.
+
+Use the B<pts listmax> command to display the current value of both
+counters.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<-group> <I<group max>>
+
+Sets the C<max group id> counter. Precede the value with a hyphen to
+indicate that it is negative. When an administrator next uses the B<pts
+creategroup> command to create a group entry and does not include that
+command's B<-id> argument, the Protection Server assigns the group an AFS
+GID one less (more negative) than this value.
+
+=item B<-user> <I<user max>>
+
+Sets the C<max user id> counter. When an administrator next uses the B<pts
+createuser> command to create a user or machine entry and does not include
+that command's B<-id> argument, the Protection Server assigns the group an
+AFS UID one greater than this value.
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 EXAMPLES
+
+The following command sets the C<max group id> counter to -500 and the
+C<max user id> counter to 1000.
+
+ % pts setmax -group -500 -user 1000
+
+=head1 PRIVILEGE REQUIRED
+
+The issuer must belong to the system:administrators group.
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_creategroup(1)>,
+L<pts_createuser(1)>,
+L<pts_listmax(1)>
+
+=head1 COPYRIGHT
+
+IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
+
+This documentation is covered by the IBM Public License Version 1.0. It was
+converted from HTML to POD by software written by Chas Williams and Russ
+Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
+++ /dev/null
-=head1 NAME
-
-pts_sleep - Pauses for a few seconds
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts sleep> S<<< [B<-delay>] <I<# of seconds>> >>>
- S<<< [B<-cell>] <I<cell name>> >>> [B<-noauth>] [B<-localauth>] [B<-force>]
-
-B<pts sl> S<<< [B<-d>] <I<# of seconds>> >>> S<<< [B<-c>] <I<cell name>> >>>
- [B<-n>] [B<-l>] [B<-f>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts sleep> pauses for a specified number of seconds. The command can
-be run from the command line or interactively, although from the command
-line it's essentially equivalent to the B<sleep> command. It is intended
-for use in interactive mode to pause for a few seconds between batch
-commands to allow the Protection Server to catch up.
-
-=head1 CAUTIONS
-
-Prior to OpenAFS 1.4.5 and OpenAFS 1.5.23, the B<pts sleep> command was
-only available on Unix or Linux and when OpenAFS was compiled with the
-supergroups option (disabled by default). As of OpenAFS 1.4.5 and 1.5.23,
-it is always available.
-
-=head1 OPTIONS
-
-Although they have no effect, B<pts sleep> takes the following standard
-B<pts> options:
-
-=over 4
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=back
-
-=head1 OUTPUT
-
-This command produces no output.
-
-=head1 EXAMPLES
-
-Here is an example of a B<pts interactive> session:
-
- % pts interactive
- pts> sleep 5
- pts> quit
- %
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_interactive(1)>
-
-=head1 COPYRIGHT
-
-Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
-
-This documentation is covered by the BSD License as written in the
-doc/LICENSE file. This man page was written by Jason Edgecombe for
-OpenAFS.
--- /dev/null
+=head1 NAME
+
+pts_sleep - Pauses for a few seconds
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts sleep> S<<< [B<-delay>] <I<# of seconds>> >>>
+ S<<< [B<-cell>] <I<cell name>> >>> [B<-noauth>] [B<-localauth>] [B<-force>]
+
+B<pts sl> S<<< [B<-d>] <I<# of seconds>> >>> S<<< [B<-c>] <I<cell name>> >>>
+ [B<-n>] [B<-l>] [B<-f>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts sleep> pauses for a specified number of seconds. The command can
+be run from the command line or interactively, although from the command
+line it's essentially equivalent to the B<sleep> command. It is intended
+for use in interactive mode to pause for a few seconds between batch
+commands to allow the Protection Server to catch up.
+
+=head1 CAUTIONS
+
+Prior to OpenAFS 1.4.5 and OpenAFS 1.5.23, the B<pts sleep> command was
+only available on Unix or Linux and when OpenAFS was compiled with the
+supergroups option (disabled by default). As of OpenAFS 1.4.5 and 1.5.23,
+it is always available.
+
+=head1 OPTIONS
+
+Although they have no effect, B<pts sleep> takes the following standard
+B<pts> options:
+
+=over 4
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 OUTPUT
+
+This command produces no output.
+
+=head1 EXAMPLES
+
+Here is an example of a B<pts interactive> session:
+
+ % pts interactive
+ pts> sleep 5
+ pts> quit
+ %
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_interactive(1)>
+
+=head1 COPYRIGHT
+
+Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
+
+This documentation is covered by the BSD License as written in the
+doc/LICENSE file. This man page was written by Jason Edgecombe for
+OpenAFS.
+++ /dev/null
-=head1 NAME
-
-pts_source - Read pts commands from a file
-
-=head1 SYNOPSIS
-
-=for html
-<div class="synopsis">
-
-B<pts source> S<<< [B<-file>] <I<file name>> >>> S<<< [B<-cell>] <I<cell name>> >>>
- [B<-noauth>] [B<-localauth>] [B<-force>]
-
-B<pts so> S<<< [B<-f>] <I<file name>> >>> S<<< [B<-c>] <I<cell name>> >>>
- [B<-n>] [B<-l>] [B<-f>]
-
-=for html
-</div>
-
-=head1 DESCRIPTION
-
-The B<pts source> runs commands from a file as if they were typed in B<pts
-interactive> mode. The command can be run from the command line or
-interactively.
-
-=head1 CAUTIONS
-
-Prior to OpenAFS 1.4.5 and OpenAFS 1.5.23, the B<pts source> command was
-only available on Unix or Linux and when OpenAFS was compiled with the
-supergroups option (disabled by default). As of OpenAFS 1.4.5 and 1.5.23,
-it is always available.
-
-=head1 OPTIONS
-
-B<pts source> takes the following options:
-
-=over 4
-
-=item B<-cell> <I<cell name>>
-
-Names the cell in which to run the command. For more details, see
-L<pts(1)>.
-
-=item B<-file> <I<file name>>
-
-Specifies the filename from which to read commands.
-
-=item B<-force>
-
-Enables the command to continue executing as far as possible when errors
-or other problems occur, rather than halting execution at the first error.
-This is useful for bulk operations where you would like to continue even
-if one of many operations fails.
-
-=item B<-noauth>
-
-Assigns the unprivileged identity anonymous to the issuer. For more
-details, see L<pts(1)>.
-
-=item B<-localauth>
-
-Constructs a server ticket using a key from the local
-F</usr/afs/etc/KeyFile> file. Do not combine this flag with the
-B<-cell> or B<-noauth> options. For more details, see L<pts(1)>.
-
-=back
-
-=head1 OUTPUT
-
-This command shows the output of each command in the file as if it were
-run normally.
-
-=head1 EXAMPLES
-
-Here is an example of using B<pts source> in a B<pts interactive> session:
-
- % echo examine admin > /tmp/commands.txt
- % pts interactive
- pts> source /tmp/commands.txt
- Name: admin, id: 1, owner: system:administrators, creator: anonymous,
- membership: 2, flags: S----, group quota: 20.
- pts> quit
- %
-
-=head1 SEE ALSO
-
-L<pts(1)>,
-L<pts_interactive(1)>,
-L<pts_quit(1)>,
-L<pts_sleep(1)>
-
-=head1 COPYRIGHT
-
-Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
-
-This documentation is covered by the BSD License as written in the
-doc/LICENSE file. This man page was written by Jason Edgecombe for
-OpenAFS.
--- /dev/null
+=head1 NAME
+
+pts_source - Read pts commands from a file
+
+=head1 SYNOPSIS
+
+=for html
+<div class="synopsis">
+
+B<pts source> S<<< [B<-file>] <I<file name>> >>> S<<< [B<-cell>] <I<cell name>> >>>
+ [B<-noauth>] [B<-localauth>] [B<-force>]
+
+B<pts so> S<<< [B<-f>] <I<file name>> >>> S<<< [B<-c>] <I<cell name>> >>>
+ [B<-n>] [B<-l>] [B<-f>]
+
+=for html
+</div>
+
+=head1 DESCRIPTION
+
+The B<pts source> runs commands from a file as if they were typed in B<pts
+interactive> mode. The command can be run from the command line or
+interactively.
+
+=head1 CAUTIONS
+
+Prior to OpenAFS 1.4.5 and OpenAFS 1.5.23, the B<pts source> command was
+only available on Unix or Linux and when OpenAFS was compiled with the
+supergroups option (disabled by default). As of OpenAFS 1.4.5 and 1.5.23,
+it is always available.
+
+=head1 OPTIONS
+
+B<pts source> takes the following options:
+
+=over 4
+
+=include fragments/pts-common.pod
+
+=back
+
+=head1 OUTPUT
+
+This command shows the output of each command in the file as if it were
+run normally.
+
+=head1 EXAMPLES
+
+Here is an example of using B<pts source> in a B<pts interactive> session:
+
+ % echo examine admin > /tmp/commands.txt
+ % pts interactive
+ pts> source /tmp/commands.txt
+ Name: admin, id: 1, owner: system:administrators, creator: anonymous,
+ membership: 2, flags: S----, group quota: 20.
+ pts> quit
+ %
+
+=head1 SEE ALSO
+
+L<pts(1)>,
+L<pts_interactive(1)>,
+L<pts_quit(1)>,
+L<pts_sleep(1)>
+
+=head1 COPYRIGHT
+
+Copyright 2007 Jason Edgecombe <jason@rampaginggeek.com>
+
+This documentation is covered by the BSD License as written in the
+doc/LICENSE file. This man page was written by Jason Edgecombe for
+OpenAFS.
# pod2man available.
if test -d doc/man-pages ; then
echo "Building man pages"
+ perl doc/man-pages/merge-pod doc/man-pages/pod1/*.in
(cd doc/man-pages && ./generate-man)
fi
fi
projects / packages / o / openafs.git / commitdiff