Hi, Here at work, we're trying to set up our first openafs fileserver under debian stable, sparc64, kernel 2.6.16.18 The openafs server suite is fully taken from debian stable repository, while openafs-modules sources is 1.4.2~fc2 taken from unstable since stable is only 1.3.81 and does not support sparc64 2.6 kernel.
I followed the guide located at http://www.debianplanet.org/node.php?id=816 and my problems begins with 'fs setacl /afs system:anyuser rl'. The error is : "fs: You don't have the required access rights on '/afs'" Here is the list of commands I issued : ralingwb06:/usr/src# /etc/init.d/openafs-client start which produces [ 0.026700] Warning: failed to find address of 32-bit system call table [ 0.104942] System call hooks will not be installed; proceeding anyway [ 0.223647] Starting AFS cache scan...found 0 non-empty cache files (0%). then ralingwb06:/usr/src# kinit Password for [EMAIL PROTECTED]: ralingwb06:/usr/src# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: [EMAIL PROTECTED] Valid starting Expires Service principal 09/25/06 11:28:50 09/25/06 21:28:48 krbtgt/[EMAIL PROTECTED] Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached ralingwb06:/usr/src# aklog ralingwb06:/usr/src# tokens Tokens held by the Cache Manager: User's (AFS ID 1) tokens for [EMAIL PROTECTED] [Expires Sep 25 21:28] --End of list-- ralingwb06:/usr/src# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: [EMAIL PROTECTED] Valid starting Expires Service principal 09/25/06 11:28:50 09/25/06 21:28:48 krbtgt/[EMAIL PROTECTED] 09/25/06 11:28:55 09/25/06 21:28:48 [EMAIL PROTECTED] Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached When I issue 'fs la /afs', I got this in logfile : 2.079415] afs: Tokens for user of AFS id 1 for cell ral.admin are discarded (rxkad error=19270410) translate_et 19270410 says "sealed data inconsistent". Could this be due to the fact that I'm using 1.4.2fc2 client against a 1.3.81 fileserver ? while investigating, I found that 'aklog' produces the following in krb5kdc.log : Sep 25 11:43:18 ralingwb06 krb5kdc[14155](info): TGS_REQ (1 etypes {1}) 172.24.0.8: UNKNOWN_SERVER: authtime 1159177388, [EMAIL PROTECTED] for afs/[EMAIL PROTECTED], Server not found in Kerberos database Sep 25 11:43:18 ralingwb06 krb5kdc[14155](info): TGS_REQ (1 etypes {1}) 172.24.0.8: ISSUE: authtime 1159177388, etypes {rep=16 tkt=1 ses=1}, [EMAIL PROTECTED] for [EMAIL PROTECTED] The "server not found" sounds strange.. Are this two lines related to the same authentication ? I mean, does aklog first try afs/[EMAIL PROTECTED] which fails and then [EMAIL PROTECTED] which successes ? PS : The admin member seems ok : ralingwb06:/var/log# pts membership admin Groups admin (id: 1) is a member of: system:administrators Any idea where I could be wrong ? Thx. JF _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
