[OpenAFS] Book your room for the ABPW10 today!
Today's the last day to reserve a room as part of our block for this year's AFS Kerberos Best Practices workshop! Hotel info here: http://workshop.openafs.org/afsbpw10/hotel.html Rate is $119/night at the I Hotel and Conference Center. Thank you, Derrick for the AFS Kerberos Best Practices Workshop Organizers http://workshop.openafs.org/ ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] user-visible change suggestion for fs setacl
The provided patch adds the ability to add or subtract rights from an acl element, e.g. a+ or a- to add or subtract the administer bit from an acl, like fs sa . shadow a+ would give shadow the a bit in addition to whatever bits he already had. It's user-visible. Before we go anywhere with it, ignoring code issues, what UI should this have, assuming we do want this feature (I certianly see the utility) https://rt.central.org/rt/Ticket/Display.html?id=123962 ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] Foundation Plan redux
Folks, there's been precious little in the way of comments regarding the plan for a potential Foundation for OpenAFs, mostly positive, but I'm unwilling to believe people like it that much so much as are lazy. If you have comments please send them! Public discussion is encouraged. Please reply if you'd like to talk about it! Thank you, Derrick Brashear OpenAFS gatekeeperelder and some other stuff, today speaking for himself ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] An open letter from the OpenAFS Council of Elders
Since OpenAFS began its life as an open source project seven and a half years ago, the OpenAFS community has made great strides at advancing the capabilities of the product while improving its stability and maintaining backwards-compatibility for sites with existing deployments. Early in the life of the project, an administrative structure with little to no overhead was appropriate as it needed to prove its viability and longevity. There were a broad range of institutions that formerly had IBM AFS source code licenses waiting in the wings to contribute years of internal extensions and many others that had been waiting for an opportunity to work on long-desired projects. During this time much has been accomplished. There has been a broad transition from IBM supported AFS cells to OpenAFS. Support has been added for several new platforms while being strengthed on others. The community has adapted OpenAFS to the modern Internet and reduced the help desk support costs for Microsoft Windows, MacOS X and Linux clients. The OpenAFS community has matured. Several of the organizations that founded OpenAFS have left us but have been replaced by hundreds of others. Since the creation of the OpenAFS repository there have been 9450 commits from 270 contributors. The number of commits have almost doubled on an annual basis during that time period. Traffic on the openafs-provided general mailing list has on average tripled from under a hundred messages per month to close to 300; At the same time, traffic on the developer list has done almost exactly the reverse as many of the early smaller issues have been resolved. A core of around 30 contributors to the developer list and an average of 75 unique posters per month on the general information list exchange information and ideas. Commercial support is now available from three independent corporations. Annual AFS conferences are now conducted on both sides of the Atlantic. Yet with all of this growth, the OpenAFS community has been unable to capitalize on a number of opportunities which have come our way due to the structure of the organization. Efforts at raising resources through an unincorporated association of volunteers has failed. Entering into agreements and signing contracts with third parties on behalf of OpenAFS has proven impossible. Over the last four years much of the serious progress has been individually funded by a small set of organizations in order to satisfy their own needs. This work has then been contributed to the OpenAFS repository to ensure that the functionality is present in future releases, is tested by a broader community, and as a result reduces the cost of on-going maintenance. These improvements have proven extremely valuable to many members of the community. However this development model comes at a cost. It is impossible for OpenAFS to determine its own destiny. The Gatekeepers are unable to define a road map and achieve predictable progress because they do not control the resources. As the average size and complexity of the unimplemented projects increase, the number of organizations capable of funding the projects is continuously reduced. Attempts at coordinating joint ventures among organizations have failed due to political and logistical issues. The Elders feel we are at a critical juncture in the life of the project, where steps need to be taken to ensure further work continues to be undertaken to meet the long term needs of the OpenAFS community. Underscoring this point, OpenAFS is for the first time participating in the Google Summer of Code, providing an opportunity for new contributors to hone their skills while developing useful and needed additions to the OpenAFS product suite. OpenAFS has lined up a group of eager, willing and able mentors to aid the students in their ventures, and to aid in further work, at the conclusion of the Summer Google would like to make a small grant to OpenAFS. Many of you will join us at the 2008 AFS and Kerberos Best Practices Workshop. The Workshop is funded by the OpenAFS Elders and proceeds are used to fund further development and infrastructure expenses. The logistics of the workshop are unnecessarily challenging due to the lack of a legal OpenAFS entity and the desire for the Elders' money to be maintained by a tax-exempt charitable organization complying with Section 501(c)3 of the United States Internal Revenue Code. There are intellectual property issues as well. OpenAFS is a brand that is currently unprotected by trademark. Organizations that wish to donate code and documentation to OpenAFS but do not wish to hold onto the copyright have been forced to negotiate with third parties to take responsibility on their behalf. To make best use of resources potentially at our disposal the Elders believe it is time to create a legal not-for-profit entity that will accept and manage grants, have the
Re: [OpenAFS] UFS logging on Solaris - could this cause volumes to go offline and salvager to dump core
On Fri, 2 Nov 2007, Andrew Cobaugh wrote: I can't find any reference to UFS logging on Solaris past 2004 in the archives (unless I'm not looking hard enough). Is it safe to turn on logging on ufs under Solaris these days? Not unless you use namei. And it never will be. Don't use logging ufs with the inode fileserver. Don't bother trying. It can't be fixed; the inode bits will never be extra again. It won't work. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] 1.4.5 SRPMs for rhel4/5
the rhel4 srpm is up. later on i will link it through elsewhere. On Mon, 29 Oct 2007, Jason Harper wrote: Hello Are there plans to release the src.rpm for rhel4 and rhel5? Or am I missing it? Thanks Jason ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] AES Support ?
On Thu, 27 Sep 2007, John Hascall wrote: So they quickly upgrade their servers, then upgrade their clients and then think well we should shut off that unsafe old stuff. Now lets further suppose that Very Important Professor at ISU accesses data in Stanford's cell via ACLs. If ISU hasn't yet completed their server upgraded, then we can't upgrade clients. Now ISU VIP can't get at the data at Stanford. Why not? You didn't create k5-afs in your cell, so an upgraded client will work as before. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] multiple kerberos realms support.
On Thu, 27 Sep 2007, Matthew Andrews wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Christopher D. Clausen wrote: Matthew Andrews [EMAIL PROTECTED] wrote: a few questions about the multiple kerberos realms support in the 1.5 series. If you only need support for two realms, I believe that mostly works with the current code. by current code, do you mean openafs 1.4.4 without patches? it does work there. just put the second realm name in /usr/afs/etc/krb.conf, and the second realm's afs key (with a different kvno from the first, please) in the KeyFile, and move on. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] AES Support ?
On Thu, 27 Sep 2007, John Hascall wrote: By not yet completed I meant started. If I'm understanding the process as it was outlined many messages ago it was: 1) create afs-k5 or (or is it k5-afs?) key 2) upgrade all your servers 3) upgrade all your clients 4) remove the old afs key actually, i think i'd upgrade the servers, then add the key, then upgrade the clients, then remove the old key for experimental deployment i'd use a 3rd key that clients needed to know about to use. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] AES Support ?
On Thu, 27 Sep 2007, John Hascall wrote: So, I'm not sure I'm following exactly, but I think you are suggesting this as a way to test before then (which would be a good thing). You seem to imply that a clients can somehow be manually instructed to use an arbitrary keyname (say afs-k5-test) -- is this correct? Then you could create Well, you have source, so yes, they always *can*. But I think Marcus was using some (afsx?) principal for testing already, so he may have a switch. this key that other clients would not know about, and then I am assuming you could also configure a test server in your cell with this key name too? Until this point servers didn't even care about key names, but, everything is doable. It may need some interface glue, but everything is doable. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: limit amount of uncommitted cache manager data?
On Mon, 24 Sep 2007, Adam Megacz wrote: Derrick Brashear [EMAIL PROTECTED] writes: it would involve a semantic change but we could start flushing changes in the background before fsync. there are of course potential issues. Wouldn't it be the same semantics as if the client cache were rather small? largely. but this forces the change for everyone. I can get the app to fsync(), though, so it looks like I'll go with that. good. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] missing sysid file, vos listaddrs empty
On Thu, 13 Sep 2007, Dave Botsch wrote: At the start of the FileLog: Wed Sep 12 22:55:27 2007 File server starting Wed Sep 12 22:55:27 2007 afs_krb_get_lrealm failed, using fruit. Wed Sep 12 22:55:27 2007 /usr/afs/local/sysid: doesn't exist Wed Sep 12 22:55:27 2007 Creating new SysID file Wed Sep 12 22:55:27 2007 VL_RegisterAddrs rpc failed; will retry periodically (code=5376, err=0) Ok. I bet it's never succeeding, and the 5376 is the real real problem. The sysid write failure I am speaking of shouldn't happen here; you have a different issue. 5376 tells me i should ask what's in the VLLog. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] AFS client causing kernel panics on Solaris 10 Update 4
On Thu, 6 Sep 2007, Coy Hile wrote: Hi all, Has anyone else seen issues with the OpenAFS client causing kernel panics on startup on Solaris 10 update 4 (KJP 120011-14) SPARC? I find that the servers start fine, but when /usr/vice/etc/afsd starts I get a panic. If anyone would like, I can try to get a panic. nonfs or nfs module? if nfs, try nonfs? backtrace? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] transitive fs la?
On Sun, 2 Sep 2007, Adam Megacz wrote: A user's rights on a directory are effectively moot unless s/he has l permissions on every ancestor directory (up to the volume root). So you could say that the transitive acl of a directory is its acl minus permissions which cannot currently be exercised by virtue of the acls on its ancestors. I'm interested in a simple utility to print out this sort of effective acl. For bonus points, query the pts database and factor in group membership (for example, a group you belong to has l on parent and you personally have l on the directory itself). Has anybody written this already, or should I take a crack at it? You can probably use ws as a basis. See ws.c in my homedir in the andrew cell. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Speed issue with openafs server
Up the number of threads the fileserver has (the -p argument) if you have not already. 128 is the maximum. On Fri, 31 Aug 2007, Emmanuel Vadot wrote: Hello all, I've a speed issue with my server. I've 7 afs server, all with fileserver, ptserver, volserver, buserver and vlserver running. Servers are all running on NetBSD 3.1 with openafs-1.4.4. I ran my test on windows with the last version of openafs-win32 (1.5.2300). I launch a copy on over 150 client of a 100MB file (the same for all clients). Of course the copy is a little bit slow and it's normal but while browsing the afs it's really slow. A simple ls -l in /afs/epitech.net (my cell) takes about 30sec or even more, a simple ls is immediate. On all my server I've a normal load with no process which take lots of cpu except for the one who's containing the data (the 100Mo file) who has the fileserver process at ~ 65% of cpu. Did someone have a little idea of why the browsing is really slow even on a volume on a different server ? -- Emmanuel Vadot System Network Administrator [root bocal] [EMAIL PROTECTED] 14-16 rue Voltaire 94270 Le Kremlin-Bicetre 01 44 08 01 91 06 83 14 62 92 ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: Rx call failed during dump, error -01
On Fri, 31 Aug 2007, Adam Megacz wrote: Hrm, further weirdness. This time there's no Rx error, but vos dump simply sits there at 0% cpu utilization. Worse, something appears to be unhappy in the afs client; I did this $ aklog -c megacz.com aklog: Couldn't get megacz.com AFS tickets: aklog: Credentials cache I/O operation failed XXX while getting AFS tickets Kerberos. $ aklog -c megacz.com *** glibc detected *** double free or corruption (!prev): 0x0809e1e0 *** Userspace. Not the AFS client. #4 0xb7dd9ad2 in free () from /lib/tls/libc.so.6 #5 0xb7f303db in krb5_free_cred_contents () from /usr/lib/libkrb5.so.3 Kerberos. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: Rx call failed during dump, error -01
On Fri, 31 Aug 2007, Adam Megacz wrote: Ah, interesting, the rx error appears in the log when I kill the vos dump. Perhaps that error message is not a cause for concern. Well, that's sort of expected. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: Rx call failed during dump, error -01
On Fri, 31 Aug 2007, Adam Megacz wrote: Same result when performing the dump from a machine other than the fileserver itself. Killing the dump will always kill the dump. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Syntax error in afs_md5.h on FreeBSD
On Wed, 29 Aug 2007, Jason C. Wells wrote: Jim Rees wrote: I would change the static inline to inline. static inline doesn't make any sense to me in an include file, but I'm not familiar with that code. I would also be working with 1.4.x instead of 1.5.x. And you know the client doesn't work, right? I do know that. The last time I tried porting I got the client to read a list of directories before crashing. Maybe it's a little better now. One can hope. No changes which would help FreeBSD have been made; I do hope to look at a FreeBSD port since at this point I need something to run on my x86 class non-Apple hardware, but at this point I'd say odds are low. I might have had it done already but instead I get to fight with broken ethernet drivers. That's a story for another day. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] config options for openafs.org provided builds
On Wed, 29 Aug 2007, Coy Hile wrote: Is there any documentation anywhere which lists with which config options the various binary distributions available on openafs.org are built? I'm currently using the solaris 10 namei builds on the solaris boxes here, but I want to start playing around with --enable-tivoli-tsm to see how that actually works. Is that built-in to the provided builds? (Doug?) It's not. Likewise, same question would go for the rs_aix builds. (I don't care It's not. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Rx call failed during dump, error -01
On Tue, 28 Aug 2007, Adam Megacz wrote: We're getting this consistently when attempting to dump a particular volume (~750mb size). Has anybody seen this before? dump, or move? Wed Aug 29 02:20:30 2007 trans 2158 on volume 536879780 is older than 690 seconds Wed Aug 29 02:20:35 2007 1 Volser: DumpVolume: Rx call failed during dump, error -01 tcpdump? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: Rx call failed during dump, error -01
On Wed, 29 Aug 2007, Adam Megacz wrote: Derrick J Brashear [EMAIL PROTECTED] writes: We're getting this consistently when attempting to dump a particular volume (~750mb size). Has anybody seen this before? dump, or move? vos dump. Wed Aug 29 02:20:30 2007 trans 2158 on volume 536879780 is older than 690 seconds Wed Aug 29 02:20:35 2007 1 Volser: DumpVolume: Rx call failed during dump, error -01 tcpdump? What flags would you like? -x -s 1500 port 7005, probably. i just want to see the error code in the abort. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] openafs high availability problem
On Wed, 29 Aug 2007, sophana wrote: Derrick Brashear a écrit : I would be interrested in this patch. Thanks Isnt'it possible to add this feature as an option? (or at least a compilation option) Probably 1 minute is really too long for a filesystem. Any user would say it is no more working. 5 seconds is so short that on a WAN if you need to retransmit a single time (it's udp, remember) you're screwed. So short? Do you know anyone waiting more than 5 seconds the file that he opened? I wonder if I know myself. I'll check. Yup. Not all uses of AFS will be local. Even on remote, 5 seconds is a lot. The algorithm has to be re-thinked. Um, you gonna buy me a faster cellphone data network? Seriously. I still have ping times with 35 second latency in an xterm here. Yes, I use AFS from the field. And it works. But not in 5 seconds.
Re: [OpenAFS] openafs high availability problem
On Wed, 29 Aug 2007, sophana wrote: Will that patch apply easily on a 1.4.4 source? I didn't try. It seems that there is a new parameter retrans_shift to osi_sysctl.c, how do you set this parameter? echo 7 /proc/sys/afs/retrans_shift Setting 7 to it will bring the timeout switching to what value? The timeout isn't a single value. It's a number of retransmits all timing out. I don't remember. I think 28 seconds. 6 for 14, 5 for 7 seconds, and 4 for 3.5 seconds. But I may be wrong, and I am in no danger of having time to play with it now. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Call for Volunteer - Need test scripts
On Wed, 29 Aug 2007, Jeffrey Altman wrote: the code did not identify the issues. The test suites I do have cover most of the code paths used by typical Windows applications. What I don't have are scripts to test the non-Windows operations. A problem I understand well. I am looking for someone to step forward to spend several hours developing a set of scripts that can be executed on a Windows client that will test all of the fs commands, the symlink commands, as well as basic operations such as directory creation, rename, deletion, and traversal, file creation, rename, read, write, deletion, etc. The scripts can be written using the scripting language of your choice whether it be perl, python, vbscript, etc. I simply want something that The unix test suite may be able to be adapted for this (perl); Ideal would be if it could have an OS-specific module to adapt it and otherwise would run anywhere. But, we'll take what we get. I will give a free copy of OpenAFS for Windows to the selected volunteer. :-) I will buy you a frosty beverage of your choice(*) Derrick * within reason. no chilled $300 bottle of wine ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] client version
On Wed, 22 Aug 2007, Andrew Bacchi wrote: Hi all, I there a way to tell which version of the AFS client is installed on an AIX machine? rxdebug -v gives me the version on a file server, is there one for the client? rxdebug works fine with the client, if you specify the client port (7001) Thanks. -- veritatas simplex oratio est -Seneca Andrew Bacchi Systems Programmer Rensselaer Polytechnic Institute phone: 518.276.6415 fax: 518.276.2809 http://www.rpi.edu/~bacchi/ ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] cache problems in cluster environment
On Tue, 21 Aug 2007, Thomas Sesselmann wrote: Hello, we are using OpenAFS in a cluster-environment. Now we have about 100 Linux-Clients (Ubuntu 6.06) with OpenAFS 1.4.1-2 (system-default). callback breaks being dropped, so the client isn't refetching. what on your network is either filtering or expiring port mappings, and can you fix it? Sometimes the data on a node isn't consistent and we can't find an issue ... :( We hope someone on this list has an idea to debug or solve this problem...? We can create some files with touch on one node: 14:49:14 [EMAIL PROTECTED]:~/test$ ls 14:49:57 [EMAIL PROTECTED]:~/test$ touch test1 14:50:07 [EMAIL PROTECTED]:~/test$ touch test2 14:50:08 [EMAIL PROTECTED]:~/test$ touch test3 14:50:09 [EMAIL PROTECTED]:~/test$ touch test4 14:50:11 [EMAIL PROTECTED]:~/test$ ll total 0 -rw-r--r-- 1 sesselm admin 0 2007-08-21 14:50 test1 -rw-r--r-- 1 sesselm admin 0 2007-08-21 14:50 test2 -rw-r--r-- 1 sesselm admin 0 2007-08-21 14:50 test3 -rw-r--r-- 1 sesselm admin 0 2007-08-21 14:50 test4 On the other node this files are not listed, but exists: 14:50:16 [EMAIL PROTECTED]:~/test$ ll total 0 14:50:18 [EMAIL PROTECTED]:~/test$ touch test1 touch: cannot touch `test1': File exists 14:50:25 [EMAIL PROTECTED]:~/test$ ll total 0 From this node a file can normally create and also listed from other nodes: 14:50:27 [EMAIL PROTECTED]:~/test$ touch test5 14:50:31 [EMAIL PROTECTED]:~/test$ ll total 0 -rw-r--r-- 1 sesselm admin 0 2007-08-21 14:50 test5 14:50:36 [EMAIL PROTECTED]:~/test$ ll total 0 -rw-r--r-- 1 sesselm admin 0 2007-08-21 14:50 test1 -rw-r--r-- 1 sesselm admin 0 2007-08-21 14:50 test2 -rw-r--r-- 1 sesselm admin 0 2007-08-21 14:50 test3 -rw-r--r-- 1 sesselm admin 0 2007-08-21 14:50 test4 -rw-r--r-- 1 sesselm admin 0 2007-08-21 14:50 test5 14:50:38 [EMAIL PROTECTED]:~/test$ The flushvolume-command helps, but only for the moment. Here are some outputs of rxdebug: - 14:51:51 [EMAIL PROTECTED]:~/test$ rxdebug ms1 Trying 10.162.5.7 (port 7000): Free packets: 705, packet reclaims: 5, calls: 1397969, used FDs: 64 not waiting for packets. 0 calls waiting for a thread 25 threads are idle Connection from host 10.162.4.69, port 7002, Cuid b1b59233/77083130 serial 5276, natMTU 1444, flags pktCksum, security index 2, client conn rxkad: level crypt, flags pktCksum Received 62256 bytes in 2596 packets Sent 324132 bytes in 2596 packets call 0: # 2596, state dally, mode: receiving, flags: receive_done call 1: # 0, state not initialized call 2: # 0, state not initialized call 3: # 0, state not initialized Done. 14:52:03 [EMAIL PROTECTED]:~/test$ rxdebug ms1 -peers |grep Peer |wc -l 93 14:53:00 [EMAIL PROTECTED]:~/test$ rxdebug ms1 -allconnections |grep -n 10.162.0.105 2220:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/1adc92d4 6300:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/1adc989c 6345:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/1adc98a4 6639:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/1adc98d8 6711:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/4963ddc8 6753:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/4963ddcc 6792:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/4963ddd0 6819:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/4963ddd4 6828:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/4963ddd8 6921:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/4963dde4 7011:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/4963ddf4 7098:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/4963de00 7200:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/4963de0c 7263:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/4963de10 7335:Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/4963de14 14:54:43 [EMAIL PROTECTED]:~/test$ rxdebug ms1 -allconnections |grep -A 8 10.162.0.105 Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/1adc92d4 serial 6, natMTU 1444, security index 0, server conn call 0: # 6, state not initialized call 1: # 0, state not initialized call 2: # 0, state not initialized call 3: # 0, state not initialized -- Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/1adc989c serial 3, natMTU 1444, security index 0, server conn call 0: # 2, state not initialized call 1: # 0, state not initialized call 2: # 0, state not initialized call 3: # 0, state not initialized -- Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/1adc98a4 serial 11, natMTU 1444, security index 0, server conn call 0: # 7, state not initialized call 1: # 0, state not initialized call 2: # 0, state not initialized call 3: # 0, state not initialized -- Connection from host 10.162.0.105, port 7001, Cuid 9d1cfd4c/1adc98d8 serial 8, natMTU 1444, security index 0,
Re: [OpenAFS] Problems with power outages
use dynroot, or don't start the client until the afs service is running, i'm guessing, but i don't know the specifics of what you have set up how, and where. On Wed, 15 Aug 2007, Karl M. Davis wrote: Hey there all, I just recently set up the Debian openafs 1.4.4 packages on an Ubuntu server box, running in a virtual machine. It's monsoon season here in Tucson and we've had a couple of long power outages and problems with the UPS. Both times the server has gone done unexpectedly, AFS didn't come back up correctly. The symptoms I note are that ls /afs returns empty on the server and the Windows client can't connect. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] write caching differences between 1.2 and 1.4 clients?
On Tue, 14 Aug 2007, [EMAIL PROTECTED] wrote: On Tue, 14 Aug 2007, Derrick J Brashear wrote: Per our private thread, the salient point is on linux and not simply 1.2 versus 1.4 Yes, sorry, I'm guilty of not checking a 1.4.4 client on Solaris before - which behaves correctly. I also have to add that my linux build is not pristine 1.4.4 but has a number of patches applied I pulled from CVS. I'll check 1.4.4 as released, but this will have to wait until tomorrow. It will have changed as released. It's not really intentional so much as side effect of changes to support Linux 2.6 almost certainly ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: [OpenAFS-announce] OpenAFS 1.5.22 released
On Mon, 13 Aug 2007, Tom Maher wrote: On 8/13/07, Jeffrey Altman [EMAIL PROTECTED] wrote: * Kerberos 5 utilities (aklog and asetkey) now can build against native Solaris kerberos. In my 5 minutes of checking openafs-devel archives and CVS, I'm unable to find either discussion of native Solaris kerberos support or the delta itself. Could someone be so kind as to point me at it? Even if it doesn't get backported into the 1.4 branch, I'd very much like to use it locally myself. It's already backported. Note that this doesn't use the mech_krb5.so Kerberos in original Solaris 10. It only uses the MIT-equivalent kerberos which shipped later (apparently) and in OpenSolaris. The interesting bit about it is neither that kerberos nor AIX kerberos includes krb524. aklog-deal-without-524-20070711 ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: Openafs performance with Apache/PHP
On Mon, 13 Aug 2007, Nate Gordon wrote: I've looked through it before, but I usually get too annoyed when the asfd process kernel panics my machine if I get dcache/stats too high. What's the panic? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] pam_afs.so.1 for amd64_linux26
On Tue, 7 Aug 2007, Jeff Blaine wrote: Is there a reason this doesn't get built by default from source? 'make' inside src/pam built it fine... Someone refresh my memory if there's a problem? at some point it was broken. if you check the list archive you should find details, but i don't remember them now. might have to do with relocations by the shared linker. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] OpenAFS and RHEL5 Server 64-bit?
On Tue, 7 Aug 2007, Scott Ehrlich wrote: I have some dual-boot XP/CentOS 5 systems that I want to authenticate to a server running RHEL 5 Server 64-bit edition, unpatched. I want central authentication from the server, so the same home directory will appear for any account created on the server, regardless of whether the user is logging into the Windows or Linux side, even for simultaneous logins. OpenAFS 1.4.4 plus, possibly, kernel patches from OpenAFS CVS... or just try the Fedora Core 7 srpm. I obtained the latest OpenAFS source from openafs.org, but compiling crashed. If you mean that literally, I recommend a new gcc. I suspect you don't actually mean that. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: OpenAFS and RHEL5 Server 64-bit?
On Tue, 7 Aug 2007, Simon Wilkinson wrote: http://atrpms.net/dist/el5/openafs/ It contains support for all RHEL5/CentOS5 kernels ever released. It's worth noting that there are significant differences between the OpenAFS specfile, and that distributed by ATrpms.net - you are likely to find that paths, and configuration details, vary between these two builds. In fact, this is one of the issues with simply adopting these builds as official. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Secure Endpoints around?
On Tue, 7 Aug 2007, Lundgren, Andrew wrote: I sent an email about a week and a half ago to secure endpoints asking about training and support. I never heard back. Does anyone know what their status might be? Online earlier today. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: OpenAFS and RHEL5 Server 64-bit?
On Wed, 8 Aug 2007, Axel Thimm wrote: On Tue, Aug 07, 2007 at 06:37:43PM -0400, Derrick J Brashear wrote: On Tue, 7 Aug 2007, Simon Wilkinson wrote: http://atrpms.net/dist/el5/openafs/ It contains support for all RHEL5/CentOS5 kernels ever released. It's worth noting that there are significant differences between the OpenAFS specfile, and that distributed by ATrpms.net - you are likely to find that paths, and configuration details, vary between these two builds. In fact, this is one of the issues with simply adopting these builds as official. The packages at ATrpms try to stick to the FHS, which at least in Red Hat land is a bit of a holy grail. I wouldn't mind if someone adds a build time switch to leave that choice to the concerned user, e.g. something like which won't help adopt builds (I agree with FHS in a general sense but there are migration issues, that's all another story) ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] OpenAFS and RHEL5 Server 64-bit?
On Tue, 7 Aug 2007, Robert Kim Wireless Internet Advisor wrote: I hate it when compiling crashes after 3 hours of run time! I hate it when it dies. When it crashes I upgrade (or downgrade) my obviously broken compiler, which has nothing to do with what i am compiling :) ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: Openafs 1.4.4 build fails on Fedora 7
On Tue, 31 Jul 2007, Axel Thimm wrote: The SRPM is the same as the one you extracted those patches from. I suspect you're probably not fully regenerating configure in order to pick up the new configuration tests. Take a look at the setup section of the OpenAFS SRPM for what needs to happen. configure does the checking, but I see it nowhere storing the result (like afsconfig.h). Maybe some other patch is needed as well? maybe not. configure generates that file. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] Re: Openafs 1.4.4 build fails on Fedora 7
configure does the checking, but I see it nowhere storing the result (like afsconfig.h). Maybe some other patch is needed as well? maybe not. configure generates that file. But only if afsconfig.h.in provides the hooks, a call to autoheader was missing. All is back in harmony now, thanks! :) We don't ship regen.sh because we're bored. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Weird volserver problem
you probably want the volserver clone locking patch in (i'm guessing) src/vol/clone.c since 1.4.4 On Sat, 28 Jul 2007, Brian Sebby wrote: We're having a strange problem that just started happening this afternoon on one of our fileservers that appears to be related to the volserver. We have a number of jobs that perform vos release commands, and today we started getting error messages from them indicating that they were timing out, etc. Trying to run various vos commands takes forever, and although they eventually return the information, they sit there for several minutes before they succeed. I'm seeing a number of messages like this in the VolserLog file: Sat Jul 28 16:02:11 2007 trans 60 on volume 1818569609 has been idle for more than 570 seconds Sat Jul 28 16:02:11 2007 trans 55 on volume 1818569660 has been idle for more than 600 seconds Sat Jul 28 16:02:11 2007 trans 55 on volume 1818569660 has timed out Sat Jul 28 16:02:41 2007 trans 60 on volume 1818569609 has been idle for more than 600 seconds Sat Jul 28 16:02:41 2007 trans 60 on volume 1818569609 has timed out and Sat Jul 28 15:59:41 2007 1 Volser: DumpVolume: Rx call failed during dump, error -01 Sat Jul 28 15:59:41 2007 1 Volser: DumpVolume: Rx call failed during dump, error -01 Sat Jul 28 15:59:41 2007 1 Volser: DumpVolume: Rx call failed during dump, error -01 Sat Jul 28 15:59:41 2007 1 Volser: DumpVolume: Rx call failed during dump, error -01 Sat Jul 28 15:59:41 2007 1 Volser: DumpVolume: Rx call failed during dump, error -01 Sat Jul 28 15:59:41 2007 1 Volser: DumpVolume: Rx call failed during dump, error -01 Sat Jul 28 15:59:41 2007 1 Volser: DumpVolume: Rx call failed during dump, error -01 Sat Jul 28 15:59:41 2007 1 Volser: DumpVolume: Rx call failed during dump, error -01 These volumes are on SAN storage, using ZFS as the backend fileserver. We're running the 1.4.4 namei fileserver on Solaris with the -nofsync patch. Here are the bos parameters we're using: Instance fs, (type is fs) currently running normally. Auxiliary status is: file server running. Process last started at Sat Jul 28 15:50:38 2007 (3 proc starts) Last exit at Sat Jul 28 15:50:38 2007 Command 1 is '/usr/afs/bin/fileserver -nojumbo -nofsync' Command 2 is '/usr/afs/bin/volserver -nojumbo -nofsync' Command 3 is '/usr/afs/bin/salvager' Any help would be greatly appreciated. Brian -- Brian Sebby ([EMAIL PROTECTED]) | Unix and Operation Services Phone: +1 630.252.9935| Computing and Information Systems Fax: +1 630.252.4601| Argonne National Laboratory ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Production ready?
On Fri, 13 Jul 2007, Lundgren, Andrew wrote: Which version should I consider using, the latest version that the download link leads (1.4.x) to or the version that the windows download leads to (1.5.x)? I'd suggest using the version the windows download link leads to on windows, and the latest link otherwise... I have been trying to compile openAFS on SUSE 10.2 with gcc version 4.1.0 and am running into compile problems. I ran into problems with ifdefs on line 115. line 115 of? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] OpenAFS + Kerb5: lifetimes
kinit -l7d ? On Thu, 12 Jul 2007, Jeff Blaine wrote: I spoke way too soon. One of them was off. They're all three set to 2 days now as a test and I still only get tickets and tokens for 24hrs. Jeffrey Altman wrote: Jeff Blaine wrote: I'm using OpenAFS 1.4.3, pam_afs_session, and pam_krb5 from Russ Alberry. Can anyone shed light on why my tickets and tokens have only a 24hr lifetime? kadmin.local: getprinc jblaine Principal: [EMAIL PROTECTED] Expiration date: [never] Last password change: Mon Apr 23 14:50:16 EDT 2007 Password expiration date: [none] Maximum ticket life: 7 days 00:00:00 Maximum renewable life: 0 days 00:00:00 Last modified: Tue May 01 14:32:01 EDT 2007 (root/[EMAIL PROTECTED]) Last successful authentication: [never] Last failed authentication: [never] Failed password attempts: 0 Number of keys: 2 Key: vno 1, Triple DES cbc mode with HMAC/sha1, no salt Key: vno 1, DES cbc mode with CRC-32, no salt Attributes: Policy: [none] kadmin.local: What are the maximum ticket lifetimes for your krbtgt/[EMAIL PROTECTED] and afs[/[EMAIL PROTECTED]@MITRE.ORG principals? The maximum lifetime is the minimum of the user, tgt and service principals. Jeffrey Altman ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] OpenAFS + Kerb5: lifetimes
On Thu, 12 Jul 2007, Russ Allbery wrote: Jeff Blaine [EMAIL PROTECTED] writes: I'm using OpenAFS 1.4.3, pam_afs_session, and pam_krb5 from Russ Alberry. Can anyone shed light on why my tickets and tokens have only a 24hr lifetime? Because the Kerberos libraries hard-code a 24 hour lifetime unless you configure something else. You can either set ticket_lifetime in [libdefaults] in krb5.conf or you can set ticket_lifetime as a pam_krb5 option in [appdefaults] or in the PAM configuration. if this still fails, try the kinit... i really do want to know if simply specifying a 7 day lifetime on the command line does what you want oh right. heimdal or mit on the client? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] OpenAFS + Kerb5: lifetimes
sure, but ignore the config files and give kinit a lifetime switch On Thu, 12 Jul 2007, Jeff Blaine wrote: This is MIT Kerberos as shipped with RHELv4. ticket_lifetime = 2d in [libdefaults] of krb5.conf buys me nothing. ticket_lifetime is not a documented option for [libdefaults] according to the official MIT docs. ticket_lifetime=2d as an option to pam_krb5RA.so buys me nothing. Jul 12 17:24:06 rcf-kerbtest-linux sshd: (pam_krb5): none: pam_sm_authenticate: entry (0x1) Jul 12 17:24:06 rcf-kerbtest-linux sshd: (pam_krb5): jblaine: attempting authentication as [EMAIL PROTECTED] Jul 12 17:24:10 rcf-kerbtest-linux sshd: (pam_krb5): jblaine: pam_sm_authenticate: exit (success) Jul 12 17:24:10 rcf-kerbtest-linux sshd[4367]: Accepted keyboard-interactive/pam for jblaine from :::129.83.10.14 port 60577 ssh2 Jul 12 17:24:10 rcf-kerbtest-linux sshd(pam_unix)[4370]: session opened for user jblaine by (uid=0) Jul 12 17:24:10 rcf-kerbtest-linux sshd[4370]: (pam_krb5): none: pam_sm_setcred: entry (0x2) Jul 12 17:24:10 rcf-kerbtest-linux sshd[4370]: (pam_krb5): none: no context found, creating one Jul 12 17:24:10 rcf-kerbtest-linux sshd[4370]: (pam_krb5): jblaine: found initial ticket cache at /tmp/krb5cc_pam_MB3OqY Jul 12 17:24:10 rcf-kerbtest-linux sshd[4370]: (pam_krb5): jblaine: initializing ticket cache FILE:/tmp/krb5cc_26560_HBBo23 Jul 12 17:24:10 rcf-kerbtest-linux sshd[4370]: (pam_krb5): jblaine: pam_sm_setcred: exit (success) Jul 12 17:24:10 rcf-kerbtest-linux sshd[4370]: (pam_afs_session): pam_sm_open_session: entry (0x0) Jul 12 17:24:10 rcf-kerbtest-linux sshd[4370]: (pam_afs_session): running /usr/afsws/bin/aklog as UID 26560 Jul 12 17:24:11 rcf-kerbtest-linux sshd[4370]: (pam_afs_session): pam_sm_open_session: exit (success) Jul 12 17:24:11 rcf-kerbtest-linux sshd[4370]: (pam_krb5): jblaine: pam_sm_setcred: entry (0x8) Jul 12 17:24:11 rcf-kerbtest-linux sshd[4370]: (pam_krb5): jblaine: pam_sm_setcred: exit (success) ~:rcf-kerbtest-linux /usr/kerberos/bin/klist Ticket cache: FILE:/tmp/krb5cc_26560_zdQIVJ Default principal: [EMAIL PROTECTED] Valid starting ExpiresService principal 07/12/07 17:25:36 07/13/07 17:25:36 krbtgt/[EMAIL PROTECTED] renew until 07/12/07 17:25:36 07/12/07 17:25:36 07/13/07 17:25:36 [EMAIL PROTECTED] renew until 07/12/07 17:25:36 Kerberos 4 ticket cache: /tmp/tkt26560 klist: You have no tickets cached ~:rcf-kerbtest-linux tokens Tokens held by the Cache Manager: User's (AFS ID 26560) tokens for [EMAIL PROTECTED] [Expires Jul 13 17:25] --End of list-- ~:rcf-kerbtest-linux Derrick J Brashear wrote: kinit -l7d ? On Thu, 12 Jul 2007, Jeff Blaine wrote: I spoke way too soon. One of them was off. They're all three set to 2 days now as a test and I still only get tickets and tokens for 24hrs. Jeffrey Altman wrote: Jeff Blaine wrote: I'm using OpenAFS 1.4.3, pam_afs_session, and pam_krb5 from Russ Alberry. Can anyone shed light on why my tickets and tokens have only a 24hr lifetime? kadmin.local: getprinc jblaine Principal: [EMAIL PROTECTED] Expiration date: [never] Last password change: Mon Apr 23 14:50:16 EDT 2007 Password expiration date: [none] Maximum ticket life: 7 days 00:00:00 Maximum renewable life: 0 days 00:00:00 Last modified: Tue May 01 14:32:01 EDT 2007 (root/[EMAIL PROTECTED]) Last successful authentication: [never] Last failed authentication: [never] Failed password attempts: 0 Number of keys: 2 Key: vno 1, Triple DES cbc mode with HMAC/sha1, no salt Key: vno 1, DES cbc mode with CRC-32, no salt Attributes: Policy: [none] kadmin.local: What are the maximum ticket lifetimes for your krbtgt/[EMAIL PROTECTED] and afs[/[EMAIL PROTECTED]@MITRE.ORG principals? The maximum lifetime is the minimum of the user, tgt and service principals. Jeffrey Altman ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Full disk woes
On Wed, 11 Jul 2007, Kim Kimball wrote: Probably too late here ... the volserver can be killed without restarting the fileserver. That will clear the volserver queue without causing the fileserver to detach/reattach all the volumes, which can take some minutes depending on how many volumes there are. It also leaves your file server up and causes no outage. At some point we will add bos support to just do this. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] dual database configuration
On Tue, 3 Jul 2007, Gerald Macinenti wrote: of course these are test servers, but I must say I somehow lost confidence in the dual database solution to migrate my production server..., not well, you did some weird things first, so it's hard to say whether you broke something trying the various unsupported things before you got here. i've been running a dual server config since the 90s, with hardware that's been running, well, since the 90s (i guess the pc is newer but the filesystem has moved with the hostname over time) I will retry the configuration with a file-only server, vos addsite all my volumes to the new fileserver then bring the administrative databases down on the old and then up on the new, but It is not clear for me if I must vos um. if you're not careful you'll screw yourself again. if you do that make sure you 1) migrate the database files 2) properly edit all CellServDBs (client and server) addsite the root.afs and root.cell, or if i must create them from scratch on the new server then only vos addsite all other volumes? In my last test I vos addsited root.* which may be the cause of the problem... if you are turning off the old server, addsite won't help. if you intend to have both up, well, you can only have one master copy, so you can create on exactly one host, and then addsite on both (and release) ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: Problem with OpenAFS 1.4.2 Universal image on Core Duo Mac Mini
On Sun, 1 Jul 2007, Aaron Hsu wrote: On 2006-12-27 14:44:54 -0600, Jon Allen Boone [EMAIL PROTECTED] said: I recently upgraded my OpenAFS systems from the 1.4.1 release to the 1.4.2 release using the image provided at www.openafs.org. I have since had problems with afsd on the machine that also acts as my server. When attempting to start afsd, I get the following crash report. My machine is running 10.4.8 with all of the security updates. afsd is the only program that has problems. I am also experiencing similar crashes on Mac OS 10.4.10 with OpenAFS 1.4.4. Does anyone know if a fix to this problem has been documented or discovered? If you disable memcache (edit /var/db/openafs/etc/config/afsd.options) does the problem go away? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Question about release
On Mon, 2 Jul 2007, David Sonenberg wrote: I'm trying to get a better understanding on how OpenAFS works with replicas. Will volumes release on there own, as part of some sort of schedule, or do they always need to be released manually? If it's automatic, what is the frequency and where is that configured? always need to be released manually. you can of course set up tools to do it automatically, and if you do, having some sort of locking mechanism is probably smart ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Cell migration
On Sun, 1 Jul 2007, Gérald Macinenti wrote: server, I have another problem: the volserver on the fileserver doesn't seam to listen on any port? bos status: Instance fs, currently running normally. Auxiliary status is: file server running. ps aux: /usr/libexec/openafs/volserver is the fileserver running? until the volserver can talk tot he fileserver it has little interest in talking to anyone else (look at the logs)
Re: [OpenAFS] Cell migration
On Sun, 1 Jul 2007, Gérald Macinenti wrote: is the fileserver running? until the volserver can talk tot he fileserver it has little interest in talking to anyone else (look at the logs) FileLog: File server starting /var/openafs/sysid: doesn't exist Creating new SysID file so everything seams ok on the fs, isn't it ? And VolserLog?
Re: [OpenAFS] Cell migration
On Sun, 1 Jul 2007, Gérald Macinenti wrote: Derrick J Brashear a écrit : On Sun, 1 Jul 2007, Gérald Macinenti wrote: is the fileserver running? until the volserver can talk tot he fileserver it has little interest in talking to anyone else (look at the logs) FileLog: File server starting /var/openafs/sysid: doesn't exist Creating new SysID file so everything seams ok on the fs, isn't it ? And VolserLog? this file isn't create by the process... Then your volserver isn't starting...
Re: [OpenAFS] Cell migration
On Sun, 1 Jul 2007, Christof Hanke wrote: Hi, what about vos move ? I haven't heard of any reason why this shouldn't work. Well, it would if he weren't trying to not make the new fileserver be in the old cell while he was doing this. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] OpenAFS on FC7
On Fri, 29 Jun 2007, Ron Croonenberg wrote: hello all, Is there a srpm for 1.5.20 for FC7 available ? No. We are however shipping rpms for fc7 for 1.4.4, and if you wish to use yum, you can install http://www.openafs.org/dl/openafs/1.4.4/fedora/RPMS/noarch/openafs-repository-1.0-1.noarch.rpm and then yum install openafs-client and the right thing should happen. Thanks to Simon Wilkinson for this (and the FC7 builds) btw... as soon as I have time to formally write it up we will be announcing it officially. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] My salvager was cored by my volume.
Getting a backtrace would be a good first step. On Thu, 28 Jun 2007, Harald Barth wrote: Yesterday I had a server crash after a HW-RAID box decided to go out for lunch wihout even trying to have a reason. After I restarted with fast-restart and then salvaged everything. First pass with orphans ignore: + /usr/openafs/bin/bos salvage -server ruffe -partition a -volume pdc.vol.module -showlog -orphans ignore -localauth Starting salvage. bos: salvage completed SalvageLog: @(#) OpenAFS 1.4.4 built 2007-04-25 06/27/2007 20:07:27 STARTING AFS SALVAGER 2.4 (/usr/openafs/libexec/openafs/salvager /vicepa 537045984 -orphans ignore) 06/27/2007 20:07:28 2 nVolumesInInodeFile 64 06/27/2007 20:07:28 CHECKING CLONED VOLUME 537045986. 06/27/2007 20:07:28 pdc.vol.module.backup (537045986) updated 06/01/2005 14:10 06/27/2007 20:07:28 SALVAGING VOLUME 537045984. 06/27/2007 20:07:28 pdc.vol.module (537045984) updated 06/01/2005 14:10 06/27/2007 20:07:28 totalInodes 3019 06/27/2007 20:07:29 dir vnode 451: ??/.. (vnode 449): unique changed from 6629 to 11697 -- deleted 06/27/2007 20:07:29 dir vnode 455: ??/.. (vnode 453): unique changed from 6631 to 7491 -- deleted 06/27/2007 20:07:29 Vnode 449: link count incorrect (was 2, now 1) 06/27/2007 20:07:29 Vnode 453: link count incorrect (was 9, now 8) 06/27/2007 20:07:29 Found 2 orphaned files and directories (approx. 4 KB) 06/27/2007 20:07:29 Salvaged pdc.vol.module (537045984): 3012 files, 25862 block Second pass with orphans attach: + /usr/openafs/bin/bos salvage -server ruffe -partition a -volume pdc.vol.module -showlog -orphans attach -localauth Starting salvage. bos: salvage completed SalvageLog: @(#) OpenAFS 1.4.4 built 2007-04-25 06/28/2007 15:57:26 STARTING AFS SALVAGER 2.4 (/usr/openafs/libexec/openafs/salvager /vicepa 537045984 -orphans attach) 06/28/2007 15:57:27 2 nVolumesInInodeFile 64 06/28/2007 15:57:27 CHECKING CLONED VOLUME 537045986. 06/28/2007 15:57:27 pdc.vol.module.backup (537045986) updated 06/01/2005 14:10 06/28/2007 15:57:27 SALVAGING VOLUME 537045984. 06/28/2007 15:57:27 pdc.vol.module (537045984) updated 06/01/2005 14:10 06/28/2007 15:57:27 totalInodes 3019 06/28/2007 15:57:28 The dir header alloc map for page 0 is bad. 06/28/2007 15:57:28 Directory bad, vnode 451; salvaging... 06/28/2007 15:57:28 Salvaging directory 451... 06/28/2007 15:57:28 Checking the results of the directory salvage... 06/28/2007 15:57:28 The dir header alloc map for page 0 is bad. 06/28/2007 15:57:28 Directory bad, vnode 455; salvaging... 06/28/2007 15:57:28 Salvaging directory 455... 06/28/2007 15:57:28 Checking the results of the directory salvage... 06/28/2007 15:57:28 Salvage volume group core dumped! How unhappy is my volume or my salvager and where is that core? Yes, I can access the volume and no, it is not written very often. [EMAIL PROTECTED] /afs/pdc.kth.se/pdc/vol/module/3.1.6 $ ls amd64_fc3 i386_fc3 ia64_deb30 man rs_aix43 bini386_rh9 initmodulefiles src [EMAIL PROTECTED] /afs/pdc.kth.se/pdc/vol/module/3.1.6 $ fs lq . Volume Name Quota Used %Used Partition pdc.vol.module5 25862 52% 69% # vos exa pdc.vol.module -local pdc.vol.module537045984 RW 25862 K On-line ruffe.pdc.kth.se /vicepa RWrite 537045984 ROnly 0 Backup 537045986 MaxQuota 5 K CreationFri May 16 10:20:22 2003 CopyWed May 2 21:42:08 2007 Backup Thu Jun 28 02:18:52 2007 Last Update Wed Jun 1 14:10:44 2005 4874 accesses in the past day (i.e., vnode references) RWrite: 537045984 Backup: 537045986 number of sites - 1 server ruffe.pdc.kth.se partition /vicepa RW Site Tips and tricks how to proceed? Harald. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Offlining of Database server
On Wed, 27 Jun 2007, David Sonenberg wrote: So I have migrated all but a few problematic volumes to a new server. I have a number of bogus volumes with replicas on other sites, that I can't delete with 'vos remsite' and 'vos delete.' Additionally I have a few readonly volumes located on that server that have no readwrite pair, but I can't delete them either. My question is how do I get rid of these problematic volumes? Then once I do what do I need to do to decommission the server? This was our first AFS server, it has the lowest IP, and is running all the database servers as well as the fileserver. technically once they're no longer in the vldb (delentry) clients don't care, and you can leave data behind; at least for replicas you have no need to clean up properly. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: cyrus with storage in afs?
On Tue, 26 Jun 2007, Adam Megacz wrote: Robert Banz [EMAIL PROTECTED] writes: Don't try to use Cyrus on AFS. It's a losing proposition from a performance and data integrity standpoint. Sorry to resurrect an old thread here, but I recently got grilled on this point and was embarrassed at being unable to give a precise ansewr... assuming that performance is no concern whatsoever, what exactly are the data integrity issues that come up when using AFS to store Cyrus data? are you going to have multiple front ends accessing the data, or just one machine? i know which people you were talking to, i'm kind of curious how this particular use for afs came up. we told people not to use nfs behind cyrus either, though you can. it's just not the best idea. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: cyrus with storage in afs?
On Tue, 26 Jun 2007, Adam Megacz wrote: are you going to have multiple front ends accessing the data, or just one machine? For argument's sake, let's assume only a single front-end (imapd) machine. That's not especially dangerous, then. the worst risk is screwing with Cyrus' idea of the universe if a volume goes away under it, like, in particular i'm uncertain we ever audited cyrus to see if it handled write failures correctly in every case, and if the volume goes away, a write can and obviously will fail. if it's not right in every case it's certainly very close. i'm kind of curious how this particular use for afs came up. Well, they have a gigantic cyrus installation already. They're considering OpenAFS as a unifying technology. Cyrus-on-AFS was just an idea that got tossed out; I don't think anybody was particularly bent on doing it. who tossed it out, is what i'm wondering, just for curiosity. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: cyrus with storage in afs?
On Tue, 26 Jun 2007, Derrick J Brashear wrote: On Tue, 26 Jun 2007, Adam Megacz wrote: are you going to have multiple front ends accessing the data, or just one machine? For argument's sake, let's assume only a single front-end (imapd) machine. That's not especially dangerous, then. the worst risk is screwing with Cyrus' I suppose I should say the locking semantics we have do make having multiple front ends dangerous. However, it isn't a problem for my files because I'm not going to be writing over my own changes, particularly, unless I meant to ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: cyrus with storage in afs?
On Tue, 26 Jun 2007, Robert Banz wrote: I personally wouldn't want my mail storage on AFS. I say that because, right now, it is, and I can't wait to get it off of it. It's caused me nothing but problems, because the AFS fileserver doesn't just seem to be made to handle the transactional intensity of mail-land. We got around a lot of our performance issues by moving from a berkeley-based mailspool to a maildir-like one a couple years ago, but now are always coming up against performance (leading into stability) issues caused by AFS being part of the stack. Less things being part of the stack with your mail system will make things better; run it on some quality fibre or iscsi attached storage and you won't end up screaming in pain later on. callback issues, or something else? i wouldn't expect corruption issues here, in spite of the question of whether *performance* sucks because you're imposing another network round trip (minimum) in an already-network protocol ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Vos functions and clones and shadows
On Tue, 26 Jun 2007, Steve Simmons wrote: On Jun 26, 2007, at 4:37 AM, Dr A V Le Blanc wrote: According to the FAQ, shadow volumes which are not live do not appear in the VLDB. Clones created by 'vos clone' are in the VLDB, but they will be removed from the VLDB if a volume is deleted by 'vos remove'. I thought that was what would happen, but I've been corrected here - manually named clones persist after the deletion/move of the volume, and will have to be removed explicitly. right. Once a dangling clone (nice term) has been created, it's pretty much not a clone any more. In some senses, it becomes a full production volume. However... this is one of those edge condition things that we'd like to get settled out based on broader input from the community. Unlike other normal the problem is it lives in the volume group of its parent, so it's a halfling. parent's gone, but... yeah, like you say Dan Hyde can probably respond to this more accurately than I can, but I believe that we have modified vos syncvldb such that it does not put shadows into the vldb unless you use an additional switch which we have created. put the patches you have in rt. we'll figure out what can and should get merged. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: Vos functions and clones and shadows
On Tue, 26 Jun 2007, Adam Megacz wrote: Derrick J Brashear [EMAIL PROTECTED] writes: the problem is it lives in the volume group of its parent, so it's a halfling. parent's gone, but... yeah, like you say While we're on the topic, what is the reason for having volume groups in the first place rather than just having a reference in the volume header saying I am a backup volume for volume XYZ to establish volume relationships? i don't remember. it can probably be addressed but it won't fix the namei tag issue Is the volume numbers share all but the last three bits criterion visible to the cache manager, or is this something that could be altered just on the servers and admin clients (vos, bos, etc)? cm doesn't care. it's internal - a -- PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380 ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: cyrus with storage in afs?
On Tue, 26 Jun 2007, Adam Megacz wrote: Sorry to keep nagging you on this issue... But not sorry enough not to. Specifically, is it that the fileserver gets bogged down by having to keep track of too many outstanding callbacks? No, by having to deal with the results of breaking them and clients refetching data too frequently, which is the issue if you have multiple clients with a callback on the same frequently written piece of data. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: Vos functions and clones and shadows
On Tue, 26 Jun 2007, Adam Megacz wrote: Jeffrey Altman [EMAIL PROTECTED] writes: The .backup volume is reported by the VL_GetEntryByNameX RPCs. Ok, but would any functionality break if it stopped reporting it? vos examine foo would stop showing it had a backup volume. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] bos status reports wrong key version number
On Mon, 25 Jun 2007, Christopher Mason wrote: Hello. I'm setting up a new AFS cell using Active Directory as my KDC. When I run: bos status mprcafs01.mayo.edu I get: bos: failed to contact host's bosserver (ticket contained unknown key version number). I've created the keys using the samba's net command: net ads keytab add afs/[EMAIL PROTECTED] then I deleted the two other keys with non-des-crc-cbc enctypes using ktutil, and added the single des-crc-cbc key using asetkey. The key versions reported by aset and kvno seem to match (see below for more details). I've tried the entire key creation/addition process several times to make sure there wasn't a mismatch (deleting and recreating the computer account in AD each time), but I don't know of a way to get AD to tell what it thinks the key version number is (ie analog to kadmin). Any ideas what I may have done wrong? Thanks, -c Essentially what I did was: Pre-create computer account mprcafs01 using AD Users and Computers. net ads join createcomputer=Research/MCR/Resources/Samba Servers -- LABS/MPRC -S mfadir04.mfad.mfroot.org On windows: setspn -A afs/mprc.mayo.edu mprcafs01 because otherwise windows refuses the SPN because it's not on it's list of approved SPNs. net ads keytab add afs/[EMAIL PROTECTED] ktutil rkt /etc/krb5.keytab delent those afs/mprc.mayo.edu entries which had non des-crc-cbc enctypes which were what types? because, well, i presume those are also in the kdc, and, frankly, that's probably your issue. the right answer is not to delete them from the keytab. it's to delete them from the kdc. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] New Server, Journaling FS, and Windows Client...
On Fri, 22 Jun 2007, David Sonenberg wrote: Now that I've got my new database/fileserver up and running, I have a few questions... First off does /vicepa need to be on a non-journaling filesystem? The documentation said to use ext2, but if it's not a requirement, I'd like to covert it to ext3 with journaling. ext3 is fine anything other than update the CellServDB file on their Windows machines? you don't even need to do that unless you're adding a dbserver ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] guide to debugging nat issues?
On Thu, 14 Jun 2007, Adam Megacz wrote: I've encountered a NAT that seems to be messing with OpenAFS (1.4.4 Mac client and 1.4.4 Linux server) -- periodically and randomly things just stop working and the connection times out; a few minutes later they magically start working again. Are there any guides out there on how to debug such a situation? Fix the nat port timeout, or, well, I suppose I could probably give you a patch to up the ping frequency Alternately, I expect to finish a behavior improvement for 1.4.5 ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] FC6 MIT/Krb5 AFS basic install questions
On Wed, 13 Jun 2007, Doug Hirsch wrote: Greetings from Cambridge, up the river from MIT! I'm out in the field visiting my company headquarters, attending the non-technical course which justified this trip, trying, during my breaks, to install an AFS/Kerberos proof-of-concept demo cell on an aged i686 desktop in the lab. I spent four hours last night flipping between OpenAFS web site, AFS wiki, Fedora site and wiki, various Kerberos cheat sheets and RPM intros, and I'm confused about the software installation order. I installed Fedora Core 6 from five CDs. I haven't yet discovered whether my generic FC6 install included MIT Kerberos 5, and I suspect I'll piece that information together this afternoon. If I have to install Kerberos software, do I want to install the software after, or before the AFS software? Will some libraries be overwritten? The OpenAFS release pages list a bunch of RPMs for each FC release. Do I take all of them, somehow point Yum at them, or select a specific sample? You should be able to Yum at them, and I suppose I should find out how again and put it in the wiki, and the install instructions, and then arrange for the release script to consistently generate the info. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] [OpenAFS-port-darwin] OpenAFS Community Meeting WWDC: 5:00pm Wednesday in the IT Lab (fwd)
We'll get be getting together Wednesday at 5pm in the IT Lab at WWDC; If you'd like to talk about the future of OpenAFS on MacOS X, please join us then there. Derrick OpenAFS gatekeeper ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: vos dump authorization based on bos adduser?
On Fri, 8 Jun 2007, Adam Megacz wrote: Derrick J Brashear [EMAIL PROTECTED] writes: -localauth. (but aklog doesn't *require* ptserver; see afslog) bosserver can't depend on ptserver.. you indicate above that -localauth should be used in situations where bosserver must be used without any running ptservers? That's bos. i said bosserver can't depend on ptserver. Ok, point taken. Still, How does the bosserver decide you're eligible if there's no ptserver? Okay, take 2: first, bosserver checks the request to see if it was directly signed with the KeyFile (ie you invoked bos with -localauth). Since it has the KeyFile, it should be able to do this without the help of ptserver. If this is the case, it permits your request. If not, it tries to contact ptserver. If it is unable to contact the ptserver, it rejects your request. Is your concern that in the all-ptservers-are-down case, this leaves a thread/lwp on the bosserver waiting for a reply from the ptserver? I guess I can appreciate that that is sort of inelegant, but aren't there lots of places where stuff like this happens in the server code? Sure. Why do we want to add more? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] eliminating non-ptserver authorization (was: vos dump authorization based on bos adduser)
On Fri, 8 Jun 2007, Adam Megacz wrote: Christopher D. Clausen [EMAIL PROTECTED] writes: So how would I issue bos shutdown for an entire cell, and then bos startup? I guess that's the only case where this is a problem. But how often does somebody without login access to any of the fileservers shut down an entire cell (for that matter, how often does anybody ever shut down an entire cell)? whether i have access or not should not force me to use it I'm going to write up a patch that does this. Whether or not it is agreeable to the gatekeepers is, of course, another matter entirely, but at least the patch will be out there for those who want it. we can argue about it. if you code it probably we can all agree on something ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] compile error on AIX 5.3 - softsig.c
On Thu, 7 Jun 2007 [EMAIL PROTECTED] wrote: Get this error while compiling on AIX 5.3. Maybe I gave more information than needed, and any help will be appreciated. Thanks ahead of time. DRXDEBUG -c ../util/softsig.c ../util/softsig.c, line 93.26: 1506-099 (S) Unexpected argument. which is sigwait(ss, sigw); So what does the man page on your box say sigwait takes? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] compile error on AIX 5.3 - softsig.c
On Thu, 7 Jun 2007 [EMAIL PROTECTED] wrote: It takes set and sig, so I guess I should change that in softsig.c. Thanks! um, guess what? sigwait(ss, sigw); sigset_t ss int sigw; which are set and sig. I smell conflicting macros. On Thu, 7 Jun 2007 10:05:37 -0400 (EDT) Derrick J Brashear [EMAIL PROTECTED] wrote: On Thu, 7 Jun 2007 [EMAIL PROTECTED] wrote: Get this error while compiling on AIX 5.3. Maybe I gave more information than needed, and any help will be appreciated. Thanks ahead of time. DRXDEBUG -c ../util/softsig.c ../util/softsig.c, line 93.26: 1506-099 (S) Unexpected argument. which is sigwait(ss, sigw); So what does the man page on your box say sigwait takes? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: vos dump authorization based on bos adduser?
On Thu, 7 Jun 2007, Adam Megacz wrote: Derrick J Brashear [EMAIL PROTECTED] writes: Actually, now that I think about it, if all the ptserver instances are down, how would an admin be able to aklog (in order to run bos commands)? -localauth. (but aklog doesn't *require* ptserver; see afslog) But localauth doesn't even require the bos adduser list... I guess I'm just wondering if the bos userlist can be eliminated and bosserver/volserver can use system:administrators instead. I'll write up a patch adding an option for this unless there's some reason why this is a Very Bad Idea. bosserver can't depend on ptserver.. I think we're going in circles here... didn't you indicate above that -localauth should be used in situations where bosserver must be used without any running ptservers? That's bos. i said bosserver can't depend on ptserver. Your mind is going in circles, my explanation is not. How does the bosserver decide you're eligible if there's no ptserver? Well, it times out and then just allows localauth. Timeout. Ick. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: cgi and afs?
On Thu, 7 Jun 2007, Adam Megacz wrote: Zach [EMAIL PROTECTED] writes: Curious if Open AFS already has a way to do this or plans on implementing it. I think CMU is running special in-house customized AFS. You want the WaklogPrincipal directive in UMBC's mod_waklog. http://www.umbc.edu/oit/iss/syscore/wiki/Mod_waklog Works quite nicely, though only with Apache 1.3 (for now). I'm pretty sure the Apache2 support I sent is already in CVS. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] vos dump authorization based on bos adduser?
On Tue, 5 Jun 2007, Adam Megacz wrote: I understand why all of the bos operations are checked against a separate authorization list (bos adduser) rather than membership in system:administrators -- the ptserver might be down and you need to use bos to get it back up. However, it seems that the volserver bases vos dump permission on whether or not a user's key is in the bos adduser list rather than whether or not they are in system:administrators. Is there a reason for this? You can have servers with a more limited set of admins. Actually, now that I think about it, if all the ptserver instances are down, how would an admin be able to aklog (in order to run bos commands)? -localauth. (but aklog doesn't *require* ptserver; see afslog) ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: vos dump authorization based on bos adduser?
On Tue, 5 Jun 2007, Adam Megacz wrote: Derrick J Brashear [EMAIL PROTECTED] writes: You can have servers with a more limited set of admins. If they have admin powers on even a single fileserver, can't they steal the KeyFile and wreak havoc? Actually, now that I think about it, if all the ptserver instances are down, how would an admin be able to aklog (in order to run bos commands)? -localauth. (but aklog doesn't *require* ptserver; see afslog) But localauth doesn't even require the bos adduser list... I guess I'm just wondering if the bos userlist can be eliminated and bosserver/volserver can use system:administrators instead. I'll write up a patch adding an option for this unless there's some reason why this is a Very Bad Idea. bosserver can't depend on ptserver.. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: dropbox semantics (irl)
On Thu, 31 May 2007, Adam Megacz wrote: We could make it so it effectively became create+append, but there are some tweaks which would need to be done. ... meaning that RXAFS_StoreData would be permitted only when storing to locations beyond the end of the file? Yeah, that sounds reasonable. And also RXAFS_RenameFile with the dropbox as a target. Well, it's not that simple. Consider what happens if some write RPCs are dropped. You have to allow holes to be filled. Perhaps a time limit would also make sense (if file's modification time is more than 1 hour prior to now, refuse all storedata's, even beyond the end of the file). You need to track the real modtime and not mtime, then. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: dropbox semantics (irl)
On Thu, 31 May 2007, Jeffrey Altman wrote: Adam Megacz wrote: Perhaps a time limit would also make sense (if file's modification time is more than 1 hour prior to now, refuse all storedata's, even beyond the end of the file). This would be inappropriate for logging. This is not something that can be fixed on the file server given the lack of a file handle equivalent issued by the file server. That is why the semantics of insert are enforced by the clients. You can't even enforce append-only on the file server because there is no guarantee that clients will write dirty chunks to the file server in a particular order. if you define append as only write to parts of the file which have no data yet you can ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] afsd gets unhappy when ThisCell has no root.afs and -dynroot not specified
On Thu, 31 May 2007, Jeffrey Altman wrote: Adam Megacz wrote: In case this leaves anybody else scratching their head... I discovered that with OpenAFS 1.4.4 and linux 2.6.20.4, if ThisCell refers to a cell which has no volume called root.afs, and you forget to specify -dynroot, afsd will hang on startup, and attempts to shut it down will cause this: slab error in kmem_cache_destroy(): cache `afs_inode_cache': Can't free all objects [c0159294] kmem_cache_destroy+0x7c/0xbf [f898a656] cleanup_module+0x1e/0x53 [openafs] [c0131986] sys_delete_module+0x130/0x194 [c014b8a8] remove_vma+0x31/0x36 [c014c256] do_munmap+0x16e/0x1c1 [c0102e30] syscall_call+0x7/0xb [c0400033] rpc_timeout_upcall_queue+0x35/0xc4 === I wouldn't call this a bug; it's a gross user configuration error -- but the failure mode is wierd enough that I thought I should mention it so that it turns up when people google the error message. - a Actually, I do consider this a bug, its just such a low priority bug that no one has gotten around to fixing it. When there is no dynroot, afsd must obtain the root.afs volume in order to complete its startup. It will attempt to mount it forever. The Windows AFS client will panic if the volume cannot be loaded after some period of time and freelance mode is not in use. Actually, the issue here is we don't note if the kmem cache was actually created before destroying it. We should fix it for 1.4.5 ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] dropbox semantics (irl)
On Wed, 30 May 2007, Adam Megacz wrote: I'm a bit confused about how dropbox semantics (that is, irl) work. As I understand it, irl gives the expected dropbox behavior because newly-created files are given an owner equal to the pts identity of the user who created the file. From that point on, the special exception owner may read+write a file with only 'i' acl lets the owner populate the file with data. But, if this is the case, what prevents the owner of the file from modifying it after closing the file? (I checked, they can't, but I don't understand what part of the protocol enforces this) I thought that -- at the protocol/fileserver level -- there was no RXAFS_CloseFile call. In other words, how does the server know when the client has executed a close() call so it can prohibit any RXAFS_StoreData's that come after it? Doesn't a close() look the same as an fsync() from the fileserver's perspective? Thanks for any clues! I'll augment the FAQ entry on dementia.org with whatever I learn. It's enforced in the fileserver. The logic is weird and i don't remember it, It may be that you can only extend the file. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] dropbox semantics (irl)
On Wed, 30 May 2007, Russ Allbery wrote: Derrick J Brashear [EMAIL PROTECTED] writes: It's enforced in the fileserver. The logic is weird and i don't remember it, It may be that you can only extend the file. Oh, okay, I'm wrong then. I must be remembering something different. I could just as easily be wrong. I don't remember anymore. The key is it's a hack ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] dropbox semantics (irl)
On Wed, 30 May 2007, Christopher D. Clausen wrote: Derrick J Brashear [EMAIL PROTECTED] wrote: On Wed, 30 May 2007, Russ Allbery wrote: Derrick J Brashear [EMAIL PROTECTED] writes: It's enforced in the fileserver. The logic is weird and i don't remember it, It may be that you can only extend the file. Oh, okay, I'm wrong then. I must be remembering something different. I could just as easily be wrong. I don't remember anymore. The key is it's a hack I think this previous thread still applies: http://www.openafs.org/pipermail/openafs-info/2005-December/020826.html And I'm pretty sure it is indeed client enforced. Try using arla and see if it works differently. I just went and read server code. Yeah, that thread is basically right. We could make it so it effectively became create+append, but there are some tweaks which would need to be done. The relevant check is src/viced/afsfileprocs.c in Check_PermissionRights ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] What is the best Linux to run openafs on?
On Wed, 23 May 2007, Mark B Henry wrote: Hello, I am running into problems compiling on SLES 10 with openafs 1.4.4. It stops me with the following error: checking whether to build osi_vfs.h... checking for linux kernel module build works... no configure: error: Fix problem or use --disable-kernel-module... See `config.log' for more details. Install the configured kernel headers. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Volume Creation Date Nonsense
On Thu, 24 May 2007, Jeff Blaine wrote: OpenAFS 1.4.4 client # ./vos examine fs1-a fs1-a 2023883361 RW 3 K On-line fs1.mitre.org /vicepa RWrite 2023883361 ROnly 0 Backup 2023883363 MaxQuota 5000 K CreationWed Dec 31 19:00:00 1969 CopyWed May 23 16:38:41 2007 Backup Wed May 23 23:25:09 2007 Last Update Wed May 23 16:38:05 2007 0 accesses in the past day (i.e., vnode references) RWrite: 2023883361Backup: 2023883363 number of sites - 1 server fs1.mitre.org partition /vicepa RW Site I didn't say anything that conflicted that... I can produce that. What I can't produce is more hours in the day. If you can show me which command does that, we're set. And wasting the hours I have at ORD isn't helpful either. Derrick J Brashear wrote: It's going to be a volser bug or race at create time. There's no reason anything else should fix it other than actually fixing the relevant code. I looked at the code cursorily over the weekend but haven't gotten further yet as work-work has taken precedence. On Wed, 23 May 2007, Jeff Blaine wrote: bash-3.2$ vos create fs1 a fs1-a Volume 2023883358 created on partition /vicepa of fs1 bash-3.2$ vos examine fs1-a fs1-a 2023883358 RW 2 K On-line fs1.mitre.org /vicepa RWrite 2023883358 ROnly 0 Backup 0 MaxQuota 5000 K CreationWed Dec 31 19:00:00 1969 Last Update Wed Dec 31 19:00:00 1969 0 accesses in the past day (i.e., vnode references) RWrite: 2023883358 number of sites - 1 server fs1.mitre.org partition /vicepa RW Site Ok, that's interesting. In the 1.4.4 openafs source I see; Last Update should never appear as Wed Dec 31 19:00:00 1969. A 0 date should instead appear as Never. However, Creation doesn't haev a check for a 0 date and will show up that way. /1/ what openafs version, os version, CPU architecture machine is your vos command? IBM AFS 3.6 patch ... something from last year on Solaris 9 SPARC (sun4u) 64-bit mode. or OpenAFS 1.4.2rc1 on RHELv3 SMP i686 or OpenAFS 1.4.3 on RHELv4 uniprocessor i686 Is your vos command built with any special options, such as --disable-full-vos-listvol-switch ??? No. /2/ what openafs version, os version, CPU architecture is your fileserver? Is your fileserver built with any special options, such as --enable-fast-restart, --enable-namei-fileserver, etc.? normally I'd also ask about your db servers, but I don't think that's related to this problem. OpenAFS 1.4.2 on Solaris 9 SPARC (sun4u) 64-bit mode And No Also some experiments: does running vos examine on a client machine with the opposite byte sex change anything? does running the vos commands (and creating a new volume) from a client running the 'latest generation' of openafs change anything? We *may* have a 1.4.4 RHELv5 box. I'll look. does bos salvage fs1 fs1-a fix this problem? No. does bos salvage fs1 -a fix this problem? I'm not in a position to do that. Do either report anything in SalvageLog? The former reports: @(#) OpenAFS 1.4.2 built 2006-12-05 05/23/2007 16:39:43 STARTING AFS SALVAGER 2.4 (/usr/afs/bin/salvager /vicepa 2023883361) 05/23/2007 16:39:53 Scanning inodes on device /dev/rdsk/c3t6006016012341600D86B14C7E294DA11d0s0... 05/23/2007 16:40:41 1 nVolumesInInodeFile 28 05/23/2007 16:40:42 SALVAGING VOLUME 2023883361. 05/23/2007 16:40:42 fs1-a (2023883361) updated 05/23/2007 16:38 05/23/2007 16:40:42 totalInodes 5 05/23/2007 16:40:42 Salvaged fs1-a (2023883361): 2 files, 3 blocks Does moving the volume to another server change anything? No Does touching a file in the volume change anything? It updates the Last Update info properly. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Volume Creation Date Nonsense
It's going to be a volser bug or race at create time. There's no reason anything else should fix it other than actually fixing the relevant code. I looked at the code cursorily over the weekend but haven't gotten further yet as work-work has taken precedence. On Wed, 23 May 2007, Jeff Blaine wrote: bash-3.2$ vos create fs1 a fs1-a Volume 2023883358 created on partition /vicepa of fs1 bash-3.2$ vos examine fs1-a fs1-a 2023883358 RW 2 K On-line fs1.mitre.org /vicepa RWrite 2023883358 ROnly 0 Backup 0 MaxQuota 5000 K CreationWed Dec 31 19:00:00 1969 Last Update Wed Dec 31 19:00:00 1969 0 accesses in the past day (i.e., vnode references) RWrite: 2023883358 number of sites - 1 server fs1.mitre.org partition /vicepa RW Site Ok, that's interesting. In the 1.4.4 openafs source I see; Last Update should never appear as Wed Dec 31 19:00:00 1969. A 0 date should instead appear as Never. However, Creation doesn't haev a check for a 0 date and will show up that way. /1/ what openafs version, os version, CPU architecture machine is your vos command? IBM AFS 3.6 patch ... something from last year on Solaris 9 SPARC (sun4u) 64-bit mode. or OpenAFS 1.4.2rc1 on RHELv3 SMP i686 or OpenAFS 1.4.3 on RHELv4 uniprocessor i686 Is your vos command built with any special options, such as --disable-full-vos-listvol-switch ??? No. /2/ what openafs version, os version, CPU architecture is your fileserver? Is your fileserver built with any special options, such as --enable-fast-restart, --enable-namei-fileserver, etc.? normally I'd also ask about your db servers, but I don't think that's related to this problem. OpenAFS 1.4.2 on Solaris 9 SPARC (sun4u) 64-bit mode And No Also some experiments: does running vos examine on a client machine with the opposite byte sex change anything? does running the vos commands (and creating a new volume) from a client running the 'latest generation' of openafs change anything? We *may* have a 1.4.4 RHELv5 box. I'll look. does bos salvage fs1 fs1-a fix this problem? No. does bos salvage fs1 -a fix this problem? I'm not in a position to do that. Do either report anything in SalvageLog? The former reports: @(#) OpenAFS 1.4.2 built 2006-12-05 05/23/2007 16:39:43 STARTING AFS SALVAGER 2.4 (/usr/afs/bin/salvager /vicepa 2023883361) 05/23/2007 16:39:53 Scanning inodes on device /dev/rdsk/c3t6006016012341600D86B14C7E294DA11d0s0... 05/23/2007 16:40:41 1 nVolumesInInodeFile 28 05/23/2007 16:40:42 SALVAGING VOLUME 2023883361. 05/23/2007 16:40:42 fs1-a (2023883361) updated 05/23/2007 16:38 05/23/2007 16:40:42 totalInodes 5 05/23/2007 16:40:42 Salvaged fs1-a (2023883361): 2 files, 3 blocks Does moving the volume to another server change anything? No Does touching a file in the volume change anything? It updates the Last Update info properly. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] openafs-1.4.4 RHEL RPM still installs nonempty SuidCells
On Tue, 22 May 2007, Berthold Cogel wrote: Berthold Cogel schrieb: IMHO the file should be left empty during installation/update. The SuidCells.dist file should be left empty ... What do you see that's using the file? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Turning interfaces off
On Sun, 20 May 2007, ted creedon wrote: Unless I've missed something, afs now listens to any interface that is up, internal and external. now, as in this epoch? I thought that afs listened only to the interface that carried the host address and additional addresses could be added via the NetInfo file. Nope. Bound sockets when you want to bind multiple addresses? Not simple. How does one set up an internal afs server on a box that has both internal and external interfaces? thanks As someone else answered, -rxbind is your fiend. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] OAFS 1.5.20 MacOSX single arch only
For various reasons I had exactly one host available and it's somewhat hateful; I will deal later, but the real focus of this release was fixes for Windows On Fri, 18 May 2007, Matt Elliott wrote: The Binary release of OAFS 1.5.20 is single architecture only. Thanks, Matt ElliottProduction Systems Infrastructure 217-265-0257mailto:[EMAIL PROTECTED] ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Setting up OpenAFS server on AIX
On Tue, 15 May 2007, Karen L Eldredge wrote: When I attended the OpenAFS Workshop this year (version 7)I really wanted to talk with Tom Keiser about the particulars of setting up OpenAFS on AIX 5.3, because I was told he was one that has experience with AIX. Here are a few questions that come to mind and any help would be appreciated. Tom's answers are probably better than mine, but: Is it best to compile your own code or to use the code on the website? Is there a reason our builds will not work for you? If not, use them. If compiling your own code is best what are the options that should be used when compiling? If you don't like our builds, obviously it's because you want to pick your own (other) options, so I can't answer that :) We plan to use krb5.server which is shipped with the OS, and we thought we might setup legacy servers instead of using LDAP, or is it best to use LDAP? We haven?t started setting this define legacy servers ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] directory listing only with read permission?
On Tue, 15 May 2007, Holger Specht wrote: My system: Server: OpenAFS 1.4.4-osd built 2007-04-02 Client: OpenAfs 1.4.206 / 1.5.0001 / ... Try a client that isn't crufty? I suspect this is already fixed by inlinebulk in later 1.5; Running 1.5.1 is basically never interesting anymore. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Setting up OpenAFS server on AIX
On Tue, 15 May 2007, Karen L Eldredge wrote: The documentation that I've been looking at describes how to configure the Network Authenication Service servers using legacy configuration, which is when the configuration is stored in a database on the local system. Can you point us to what you're reading? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] 1.5.19 build fails on SunOS 5.11 snv62 SPARC
On Sun, 13 May 2007, William Yang wrote: I'd like to suggest incorporating a good version of this patch into the Context is good. Maybe you could quote this patch, or if you've tested one, send it? main source tree since this bug also affects Solaris 10 Update 4 beta (which probably has backports from snv_6x). I've located one location in afs_server.c and two in rx_knet.c that are affected and which I manually patched based on the patch in the thread (in April). ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] problems building openafs on ubuntu ppc64
On Mon, 14 May 2007, Marcel Steinke wrote: Am Samstag, 12. Mai 2007 00:52 schrieb Russ Allbery: James Tyson [EMAIL PROTECTED] writes: I'm trying to build the openafs kernel modules using the debian/ ubuntu packages on ubuntu ppc64 on both G5 Mac's and an IBM Power5 machine. I'm using the following packages: linux-headers-2.6.20-15 linux-headers-2.6.20-15-powerpc64-smp linux-headers-powerpc64-smp linux-image-2.6.20-15-powerpc64-smp linux-image-powerpc64-smp linux-restricted-modules-2.6.20-15-powerpc64-smp linux-restricted-modules-common linux-restricted-modules-powerpc64-smp openafs-client openafs-modules-source What version of openafs-modules-source? I don't remember seeing exactly this problem, but I know that there was some issue with powerpc builds that's now fixed. I wish I could remember exactly what I ended up fixing. Enabling ucontext on all platforms seems to fix it for debian :-) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=419903 ucontext was probably it. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] AFS outage, impact of moving root.cell.readonly, root.afs.readonly
On Thu, 10 May 2007, Christopher D. Clausen wrote: Jeff Blaine [EMAIL PROTECTED] wrote: Christopher D Clausen [EMAIL PROTECTED] writes: And you did NOT use vos remsite on the replication point first? I suspect that would be a problem. There is no reason to 'vos remsite' a volume you are going to 'vos remove'. 'vos remove' performs the appropriate VLDB deletion for replicas just as it does for RWs. Really? I have had problems with a straight vos remove of a readonly not actually working the way it should. I have never had a problem using vos remsite and then vos zap. 'vos remsite': This command is useful for removing read-only sites that were mistakenly created with the vos addsite command, before the vos release command actually releases them. That seems like a waste of a command. It would only be used in very rare situations that are otherwise correctable (just vos release and then vos remove.) And why can't vos remove, vos zap or vos delentry be used to remove a non-released replica? consider the case that you remsite something temporarily, leave the data, and then addsite later when you want clients to see it again... ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] problem with long vos dump filenames on linux (possible buffer overflow?)
You copied openafs-bugs. Please don't. Send twice. On Wed, 9 May 2007, Stephen Joyce wrote: Is there a known filename limit on vos dump pathnames? This behavior seems undesirable. volser.h:#define NameLen 80 volser.p.h:#define NameLen 80 vos.c:char filename[NameLen]; vos.c:char afilename[NameLen], avolname[VOLSER_MAXVOLNAME + 1], apartName[10]; Yeah, this is dumb, it's being misapplied. This isn't going over the network. It should be MAXPATHLEN in both cases. Perhaps whatever came before usd_Open/USD_CLOSE was dumb. We lack source history. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: Problem with IP-Based ACLs
On Fri, 4 May 2007, Adam Megacz wrote: Todd M. Lewis [EMAIL PROTECTED] writes: Or think about it another way. When you become a member of a new group, you (may) have to re-authenticate for the change to take effect for ACLs in a given directory. Forgive my ignorance here... do AFS tokens include a (signed) list of what groups you belong to? no. just a timestamp. Does this mean that removing somebody from a group doesn't revoke their access until their current token expires? it does anyway - a ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Problem compiling openafs-1.4.4 on ia64_linux24
On Thu, 3 May 2007, Rainer Laatsch wrote: We get this error message at 'cc -O -g -O2 ... -c ./process.c' : you need the magic define for ucontext in the param file, and this should go away. #define USE_UCONTEXT this is fixed in cvs. process.c:114:2: #error Unsupported linux LWP system type. process.c: In function `savecontext': process.c:158: `LWP_SP' undeclared (first use in this function) process.c:158: (Each undeclared identifier is reported only once process.c:158: for each function it appears in.) process.c:181: warning: cast from pointer to integer of different size make[3]: *** [process.o] Error 1 make[3]: Leaving directory `/scratch/a0049/AFSKIT/openafs-1.4.4/src/lwp' make[2]: *** [lwp] Error 2 make[2]: Leaving directory `/scratch/a0049/AFSKIT/openafs-1.4.4' make[1]: *** [build] Error 2 [EMAIL PROTECTED] uname -a Linux altix1.rrz.uni-koeln.de 2.4.21-sgi305r1 #1 SMP Mon Mar 28 11:22:59 \ PST 2005 ia64 ia64 ia64 GNU/Linux [EMAIL PROTECTED] fs sysname Current sysname is 'ia64_linux24' Any help would be appreciated. Best regards Rainer Laatsch E-mail: [EMAIL PROTECTED] ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Problem compiling openafs-1.4.4 on ia64_linux24
On Thu, 3 May 2007, Rainer Laatsch wrote: Forwarded again because of mail rejection from mail.acampo.net: (no more space for mail) which is some random subscriber, i guess, who presumably didn' get it this time either :) Mit freundlichem Gruss Rainer Laatsch __ E-mail: [EMAIL PROTECTED] Universitaet zu Koeln Reg. Rechenzentrum (ZAIK/RRZK) Fax : (0221) 478-5590 Robert-Koch-Str. 10 Tel : (0221) 478-5582 D-50931 Koeln -- Forwarded message -- Date: Thu, 3 May 2007 11:43:20 +0200 (MEST) From: Rainer Laatsch [EMAIL PROTECTED] To: openafs-info@openafs.org Cc: Rainer Laatsch [EMAIL PROTECTED] Subject: Problem compiling openafs-1.4.4 on ia64_linux24 We get this error message at 'cc -O -g -O2 ... -c ./process.c' : process.c:114:2: #error Unsupported linux LWP system type. process.c: In function `savecontext': process.c:158: `LWP_SP' undeclared (first use in this function) process.c:158: (Each undeclared identifier is reported only once process.c:158: for each function it appears in.) process.c:181: warning: cast from pointer to integer of different size make[3]: *** [process.o] Error 1 make[3]: Leaving directory `/scratch/a0049/AFSKIT/openafs-1.4.4/src/lwp' make[2]: *** [lwp] Error 2 make[2]: Leaving directory `/scratch/a0049/AFSKIT/openafs-1.4.4' make[1]: *** [build] Error 2 [EMAIL PROTECTED] uname -a Linux altix1.rrz.uni-koeln.de 2.4.21-sgi305r1 #1 SMP Mon Mar 28 11:22:59 \ PST 2005 ia64 ia64 ia64 GNU/Linux [EMAIL PROTECTED] fs sysname Current sysname is 'ia64_linux24' Any help would be appreciated. Best regards Rainer Laatsch E-mail: [EMAIL PROTECTED] ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Problem with IP-Based ACLs
On Wed, 2 May 2007, Adnoh wrote: Hello @all I'm new to afs and have a litte problem which I'm not able to solve: I'm using openafs 1.4.1-r1 on a Gentoo-Linux box. I've created a folder /afs/.mydomain/test and a pts user 192.168.0.1 + 192.168.10.1 and a pts group afshosts with these users as members. then I fs setacl /afs/.mydomain/test afshosts all when I try to get to that dir from one of these hosts (unauthenticated) i come to /afs/.mydomain/ but when I wanne to get infos on test i get permission denied. did you wait up to 2 hours after setting the acl before you tried? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] 1.5.19 build fails on SunOS 5.11 snv62 SPARC
On Wed, 25 Apr 2007, Derrick J Brashear wrote: 1252 is: for (ill = ILL_START_WALK_ALL(ctx) ; ill ; ill = ill_next(ctx, ill)) { This isn't our macro, so I gotta assume it changed. Perhaps this is also Jeff Blaine's problem. It's the compile environment rather than the compiler. Try this --- src/afs/afs_server.c10 Nov 2006 00:16:29 - +++ src/afs/afs_server.c30 Apr 2007 16:56:55 - @@ -1244,12 +1244,13 @@ #endif ill_t *ill; ipif_t *ipif; +ip_stack_t*ipst = ipif-ipif_ill-ill_ipst; int subnet, subnetmask, net, netmask; if (sa) sa-sa_iprank = 0; #ifdef AFS_SUN510_ENV -for (ill = ILL_START_WALK_ALL(ctx) ; ill ; ill = ill_next(ctx, ill)) { +for (ill = ILL_START_WALK_ALL(ctx, ipst) ; ill ; ill = ill_next(ctx, ill)) { #else for (ill = (struct ill_s *)*addr /*ill_g_headp */ ; ill; ill = ill-ill_next) { ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info