Hello, I'm quite new in both the kerberos and the afs world. I'm trying to start an afs cell in my home network. The machine I'm starting install to is a x86 debian 2.6.10 machine and for a lot of other reason I would like not go back to the 2.4 kernel series. So, in order to have the kernel module I've installed the 1.3.74 version of openafs from the experimental debian repository. As kerberosV implementation I'm using heimdal 0.6.3 as provided in the unstable debian repository.
I've followed the instruction on http://www.hpc2n.umu.se/support/showdoc.html?doc=admin/afs/server/initial as their setup reflect mine. All goes as expected until the 6.5 step, the one where I create the volumes and I should mount them on /afs partition. After a bit of trouble, caused by the delay between the fileserver restart and the exact time when it's ready to issue the volume creation commands, I was able to create the root.afs and root.cell volumes. Then it's said to kinit into the admin account specified before and issue some "fs mkm" commands. It's not said but I suppose I've to start the afs client to mount the /afs directory as an AFS filesystem. I'm at this point and: deathstar:~# fs mkm /afs/inet6.info root.cell -cell inet6.info -fast fs: You don't have the required access rights on '/afs/inet6.info' This is what I get. I don't have the required access rights. I've looked at the heimdal log, but seems that no request is made to the kerberos at this point, so no clue there. I've googled a bit and I have found that I should issue the "afslog" command to get tokens or something. So, after a bit of problems caused by a misconfiguration of the heimdal kdc (about krb4 support), and some strange but time-related problem with afslog (at one point all tries with afslog ended in some Unknown errors, but the problem solved by himself waiting few hours) I was able to issue the afslog command without errors and get tokens: deathstar:~# afslog -v krb5 tried [EMAIL PROTECTED] -> -1765328377 krb5 tried afs/[EMAIL PROTECTED] -> 0 deathstar:~# tokens Tokens held by the Cache Manager: Tokens for [EMAIL PROTECTED] [Expires Jan 14 22:38] --End of list-- but: deathstar:~# fs mkm /afs/inet6.info root.cell -cell inet6.info -fast fs: You don't have the required access rights on '/afs/inet6.info' still there. I'm quite lost, and I hope someone of you can show me the right road. Thanks. -- --- Hagbard Celine _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
