There's an easier solution, which works well here, but has drawbacks.

Maintain a MINIMAL local VLDB containing only your local site's
servers, so that each client can boot and see its local cell. When AFS
has started, run a script which uses a single
/afs/<site>/common/etc/CellServDB to fs newcell the rest of the world.
Only one file needs updating.

Drawback; despite what AFS manuals claim, various things still insist
on looking at the local /usr/vice/etc/CellServDB. klog is one, which is
irritating when one wants a tokens for a foreign cell.

Please Transarc, once all the cells are configured in afsd, update
binaries so that they DON'T look at the file any more. And, while
you're about it, an fs command which can bulk update the configuration
>From a new/updated CellServDB instead of forcing me to write a script
like /afs/pegasus.cranfield.ac.uk/common/etc/CSDB_newcell.nawk.

There is a caveat with using BIND for cell server info. The database
servers serve Kerberos tickets. The client have to trust the database
servers, hence have to trust the nameserver which tells it where the
database servers. There are Kerberos authenticated name servers in
existence, but this does complicate matters.

Peter Lister                                    [EMAIL PROTECTED]
Computer Centre,
Cranfield Institute of Technology,        Voice: +44 234 754200 ext 2828
Cranfield, Bedfordshire MK43 0AL UK         Fax: +44 234 750875

Reply via email to