Attached is the latest version of the single server OpenAFS install
script for OpenBSD 3.8/3.7.
This was built using OpenAFS 1.3.87 configured with
./configure --enable-transarc-paths --with-afs-sysname=i386_obsd37
I believe on 3.8 I had to copy over the /usr/include/ufs/extattr.h from
a 3.7 box in order to get the lkm to compile.
My server start script is called start.afs and it contains what could
merely appended to rc.securelevel and rc.
----snip start.afs------------------------
modload /usr/vice/etc/libafs.o
/usr/afs/bin/bosserver
/usr/afs/bin/afsd -stat 8000 -dcache 8000 -daemons 12 -volumes 256
-files 50000
-----snip-------------------------------
Please feel free to send me any updates, as I hope to finish this out
this week.
Thanks!
#!/bin/ksh
#
# Script to configure a single server OpenAFS Cell.
# This script assumes that you compiled OpenAFS with --enable-transarc-paths
# This will prompt you many times for the admin password.
#
#This is the BINDIR where afs installed it's items.
# If you Choose --enable-transarc-paths then choose this one:
BINDIR=/usr/afs/bin
#Otherwise it's most likely /usr/local/bin/ or /usr/local/sbin
#Some will be in sbin, some in bin, so you might end up with breakage.
Hopefully our logic below will get it right. Binary wise.
#BINDIR=/usr/local/bin
#change me to your name of your cell
CELLNAME=openbsd.org
#change me to your fqdn of the server
SERVER=bench.linbsd.org
#change me to your ip of your server
IP=192.168.0.111
#Change me if you want a larger disk cache than 191 meg
CACHESIZE=198112
#Test variable to make sure someone read through the script before blindly
running it. *<8o)
# If you read this then unset the following var
#DIDNOTREADSCRIPTFIRST=yes
# Variables for OpenAFS Specific binaries that are samenamed as arla binaries.
Set these if this script complains about not finding proper binaries
# Don't forget to uncomment
#BOS="${BINDIR:?}/bos"
#FS="${BINDIR:?}/fs"
#VOS="${BINDIR:?}/vos"
#PTS="${BINDIR:?}/pts"
#####Should not need to change anything below
here.####################################################################
export PATH=/usr/afs/bin:$PATH
ID=`whoami`
if [[ `whoami` != "root" ]]
then
echo "Please run this script as root. Thanks"
echo "After reading through it obviously"
fi
# First, locate all binaries for bos, kas, bosserver
if [[ -z $BOS ]]
then
BOS=`which bos`
fi
BC=`${BOS:?} help|grep -c ^`
echo "!Found $BOS with -$BC-"
if [[ $BC != "33" ]] then
echo "Bad BOS found. Please set \$BOS in this script to point to the
one for OpenBSD, not Arla"
exit
else
echo "Found $BOS for OpenAFS"
fi
if [[ -z $FS ]]
then
FS=`which fs`
fi
FC=`${FS:?} help|grep -c ^`
echo "Found $FS with -${FC:?}-"
if [[ $FC != "46" ]] then
echo "Bad FS found. Please set \$FS in this script to point to the one
for OpenBSD, not Arla"
exit
else
echo "Found $FS for OpenAFS"
fi
if [[ -z $VOS ]]
then
VOS=`which vos`
fi
VC=`${VOS:?} help|grep -c ^`
echo "Found $VOS with -${VC:?}-"
if [[ $VC != "36" ]] then
echo "Bad VOS found. Please set \$VOS in this script to point to the
one for OpenBSD, not Arla"
exit
else
echo "Found $VOS for OpenAFS"
fi
if [[ -z $PTS ]]
then
PTS=`which pts`
fi
if [[ ${DIDNOTREADSCRIPTFIRST:?} = "yes" ]]
then
echo "So you were just going to run this script without reading the
initial part?"
echo "Please go read the script and set/unset the right variables.
Thanks!"
exit
fi
PC=`${PTS:?} help|grep -c ^`
echo "Found $PTS with -$PC-"
if [[ $PC != "17" ]] then
echo "Bad PTS found. Please set \$PTS in this script to point to the
one for OpenBSD, not Arla"
exit
else
echo "Found $PTS for OpenAFS"
fi
echo -n "Please enter the initial password you wish to use with the 'admin'
user -->"
stty -echo
read passwd1
stty echo
echo -n "\nPlease confirm -->"
stty -echo
read passwd2
stty echo
if [[ ${passwd1:?} != ${passwd2:?} ]]
then
echo "\n passwords did not match. Exiting. Please rerun"
exit
else
echo "\n passwords look good"
unset passwd2
fi
# Beware this does not follow hier(7)
# These are transarc paths.
if [[ ! -d /usr/vice/etc ]]
then
mkdir -p /usr/vice/etc/ || return 1
echo "made /usr/vice/etc"
fi
echo "${CELLNAME:?}" > /usr/vice/etc/ThisCell
echo ">${CELLNAME:?} #Cell name
${IP:?} #${SERVER:?}" > /usr/vice/etc/CellServDB
mkdir -p -m 0755 /afs || return 1
echo "/afs:/usr/vice/cache:${CACHESIZE:?}" > /usr/vice/etc/cacheinfo
mkdir -p /usr/vice/cache || return 1
# Found these needed for 3.7 --enable-transarc-paths
if [[ ! -d /usr/afs/etc ]]
then
ln -s /usr/vice/etc /usr/afs/etc || return 1
fi
if [[ -f /usr/vice/etc/libafs.o ]]
then
/sbin/modload /usr/vice/etc/libafs.o
fi
pkill -x kaserver buserver ptserver vlserver bosserver
if [[ -d /usr/afs/db ]]
then
rm -rf /usr/afs/db
fi
bosserver -noauth &
echo "!$BOS setcellname $SERVER $CELLNAME -noauth"
$BOS setcellname $SERVER $CELLNAME -noauth
echo "!$BOS listhosts $SERVER -noauth"
$BOS listhosts $SERVER -noauth
$BOS delete $SERVER kaserver
echo "!$BOS create $SERVER kaserver simple $BINDIR/kaserver -cell $CELLNAME
-noauth"
$BOS create $SERVER kaserver simple $BINDIR/kaserver -cell $CELLNAME -noauth
$BOS delete $SERVER buserver
echo "!$BOS create $SERVER buserver simple $BINDIR/buserver -cell $CELLNAME
-noauth"
$BOS create $SERVER buserver simple $BINDIR/buserver -cell $CELLNAME -noauth
$BOS delete $SERVER ptserver
echo "!$BOS create $SERVER ptserver simple $BINDIR/ptserver -cell $CELLNAME
-noauth"
$BOS create $SERVER ptserver simple $BINDIR/ptserver -cell $CELLNAME -noauth
$BOS delete $SERVER vlserver
echo "!$BOS create $SERVER vlserver simple $BINDIR/vlserver -cell $CELLNAME
-noauth"
$BOS create $SERVER vlserver simple $BINDIR/vlserver -cell $CELLNAME -noauth
echo "!kas create afs -cell $CELLNAME -noauth -initial_password passwd1"
kas create afs -cell $CELLNAME -noauth -initial_password $passwd1
echo "!kas create admin -cell $CELLNAME -noauth -initial_password $passwd1"
kas create admin -cell $CELLNAME -noauth -initial_password $passwd1
echo "!kas examine afs -cell $CELLNAME -noauth -admin_username admin
-password_for_admin passwd1"
kas examine afs -cell $CELLNAME -noauth -admin_username admin
-password_for_admin $passwd1
echo "!kas setfields admin -flags admin -cell $CELLNAME -noauth -admin_username
admin -password_for_admin passwd1"
kas setfields admin -flags admin -cell $CELLNAME -noauth -admin_username admin
-password_for_admin $passwd1
echo "!kas examine admin -cell $CELLNAME -noauth -admin_username admin
-password_for_admin $passwd1"
kas examine admin -cell $CELLNAME -noauth -admin_username admin
-password_for_admin $passwd1
echo "!$BOS adduser $SERVER admin -cell $CELLNAME -noauth "
$BOS adduser $SERVER admin -cell $CELLNAME -noauth
echo "!$BOS addkey $SERVER -kvno 0 -cell $CELLNAME -noauth"
$BOS addkey $SERVER -kvno 0 -cell $CELLNAME -noauth #cant stop it from
prompting this one... sorry
echo "!$BOS listkeys $SERVER -cell $CELLNAME -noauth"
$BOS listkeys $SERVER -cell $CELLNAME -noauth
echo "!kas setpassword afs -kvno 1 -cell $CELLNAME -noauth -admin_username
admin -password_for_admin $passwd1"
kas setpassword afs -kvno 1 -cell $CELLNAME -noauth -admin_username admin
-password_for_admin $passwd1
echo "!kas examine afs -cell $CELLNAME -noauth -admin_username admin
-password_for_admin $passwd1"
kas examine afs -cell $CELLNAME -noauth -admin_username admin
-password_for_admin $passwd1
echo "!$BOS addkey $SERVER -kvno 1 -cell $CELLNAME -noauth #cant stop it from
prompting this one... sorry"
$BOS addkey $SERVER -kvno 1 -cell $CELLNAME -noauth #cant stop it from
prompting this one... sorry
echo "!$BOS listkeys $SERVER -cell $CELLNAME -noauth"
$BOS listkeys $SERVER -cell $CELLNAME -noauth
echo "!$PTS createuser -name admin -cell $CELLNAME -noauth"
$PTS createuser -name admin -cell $CELLNAME -noauth
echo "!$PTS adduser admin system:administrators -cell $CELLNAME -noauth"
$PTS adduser admin system:administrators -cell $CELLNAME -noauth
echo "!$PTS membership admin -cell $CELLNAME -noauth"
$PTS membership admin -cell $CELLNAME -noauth
echo "!$BOS restart $SERVER -all -cell $CELLNAME -noauth"
$BOS restart $SERVER -all -cell $CELLNAME -noauth
echo "!$BOS create $SERVER fs $BINDIR/fileserver $BINDIR/volserver
$BINDIR/salvager -cell $CELLNAME -noauth"
$BOS create $SERVER fs fs $BINDIR/fileserver $BINDIR/volserver
$BINDIR/salvager -cell $CELLNAME -noauth
echo "!$BOS status $SERVER fs -long -noauth"
$BOS status $SERVER fs -long -noauth
echo "!$VOS create $SERVER /vicepa root.afs -cell $CELLNAME -noauth"
$VOS create $SERVER /vicepa root.afs -cell $CELLNAME -noauth
echo "!$VOS syncvldb $SERVER -cell $CELLNAME -verbose -noauth"
$VOS syncvldb $SERVER -cell $CELLNAME -verbose -noauth
echo "!$VOS syncserv $SERVER -cell $CELLNAME -verbose -noauth"
$VOS syncserv $SERVER -cell $CELLNAME -verbose -noauth
echo "!$BOS create $SERVER upserver simple "$BINDIR/upserver -crypt
/usr/afs/etc -clear /usr/afs/bin" -cell $CELLNAME -noauth"
$BOS create $SERVER upserver simple "$BINDIR/upserver -crypt /usr/afs/etc
-clear /usr/afs/bin" -cell $CELLNAME -noauth
if ! pgrep ntpd>/dev/null; then
echo "!$BOS create $SERVER runntp simple "$BINDIR/runntp -localclock"
-cell $CELLNAME -noauth"
$BOS create $SERVER runntp simple "$BINDIR/runntp -localclock" -cell
$CELLNAME -noauth
fi
echo "!klogging as admin"
/usr/afs/bin/klog -principal admin -password $passwd1
echo "!$FS setacl /afs system:anyuser rl"
$FS setacl /afs system:anyuser rl
echo "!$VOS create $SERVER /vicepa root.cell"
$VOS create $SERVER /vicepa root.cell
echo "!$FS mkmount /afs/$CELLNAME root.cell"
$FS mkmount /afs/$CELLNAME root.cell
echo "!$FS setacl /afs/$CELLNAME system:anyuser rl"
$FS setacl /afs/$CELLNAME system:anyuser rl
echo "!$BOS shutdown $SERVER -wait"
$BOS shutdown $SERVER -wait
pkill -TERM bosserver
echo "That's it. A reboot might be needed to make sure everything comes up"
