On Friday, September 02, 2005 02:27:34 AM +0200 Martin MOKREJ© <[EMAIL PROTECTED]> wrote:
Please improve the messages so that user knows what actually has failed. # rm /usr/afs/etc/KeyFile # /usr/afs/bin/bos listkeys -server phylo -localauth
Well, "-localauth" tells bos that it should open the KeyFile, read a key out of it, and use it to print a ticket with which to talk to the bosserver.
bos: could not find entry (getting key from local KeyFile)
This means it was unable to find an entry in the KeyFile to use for that purpose. In this case, the reason happens to be because you have no KeyFile, but 'bos' doesn't know that -- all it knows is it called a library routine to fetch a key, and the routine said "there is no such key".
bos: running unauthenticated
This is bos telling you what it's going to do instead - it will try the operation you asked for, but without authentication.
Next comes the list of keys it retrieved from the bosserver -- all zero of them, since you have no KeyFile. Normally this is a privileged operation, but for some reason (probably because you had no KeyFile), the bosserver is operating in noauth mode, and will allow anyone to perform any operation.
All done.
And finally, this line marks the end of the list of keys.
# cp /usr/vice/etc/KeyFile /usr/afs/etc/KeyFile # /usr/afs/bin/bos listkeys -server phylo -localauth bos: ticket contained unknown key version number error encountered while listing keys
Now here, you've copied a KeyFile into place, and run bos again. Now bos finds the KeyFile and loads an entry, but since you changed the KeyFile behind the bosserver's back, _it_ doesn't know about the new key, which it reports with the error code for "ticket contained unknown key version number".
So, the problem here is that you changed the KeyFile behind the bosserver's back, instead of using the supported interface for that (bos addkey) or restarting the bosserver after you made the change. I'm sorry, but we don't have an error message for that. Once you tell us how 'bos' is supposed to figure that out and distinguish it from similar problems like "your local KeyFile doesn't match the one the server is using", "you deleted the key you were using", and "the kvno's in the KeyFile and KDB don't match", let us know, and maybe we'll add an error. In the meantime, well, sometimes when you encounter an error you have to do some troubleshooting.
-- Jeffrey T. Hutzelman (N3NHS) <[EMAIL PROTECTED]> Sr. Research Systems Programmer School of Computer Science - Research Computing Facility Carnegie Mellon University - Pittsburgh, PA _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
