Problem solved by using the key for afs/[email protected], instead of [email protected]. I don't know why I cannot use the later.
So the section about the Kerberos principal and key in the guide at http://www.debian-administration.org/article/OpenAFS_installation_on_Debian should be: sudo rm -f /tmp/afs.keytab sudo kadmin.local Authenticating as principal root/[email protected] with password. kadmin.local: addprinc -policy service -randkey -e des-cbc-crc:v4 afs/spinlock.hr Principal "afs/[email protected]" created. kadmin.local: ktadd -k /tmp/afs.keytab -e des-cbc-crc:v4 afs/spinlock.hr Entry for principal afs with kvno 3, encryption type DES cbc mode with CRC-32 added to keytab WRFILE:/tmp/afs.keytab. kadmin.local: quit On Fri, May 1, 2009 at 11:41 AM, Xiong Jiang <[email protected]> wrote: > Error when run aklog. > I don't know why it tries to get ticket for afs/[email protected], > afs/m...@mytv, a...@mytv, while I only have principal [email protected]. > > Any idea? > > aklog -d > Authenticating to cell mytv (server mytv). > Trying to authenticate to user's realm MYTV.HOME. > Getting tickets: afs/[email protected] > We've deduced that we need to authenticate using referrals. > Getting tickets: afs/mytv@ > We've deduced that we need to authenticate to realm MYTV. > Getting tickets: afs/m...@mytv > Getting tickets: a...@mytv > Kerberos error code returned by get_cred : -1765328377 > aklog: Couldn't get mytv AFS tickets: > aklog: unknown RPC error (-1765328377) while getting AFS tickets > > The principals I have are: > r...@mytv:/etc/openafs# kadmin.local > Authenticating as principal root/[email protected] with password. > kadmin.local: listprincs > K/[email protected] > [email protected] > [email protected] > kadmin/[email protected] > kadmin/[email protected] > kadmin/[email protected] > krbtgt/[email protected] > root/[email protected] > > > On Fri, May 1, 2009 at 11:33 AM, Xiong Jiang <[email protected]> wrote: >> Finally, I get the cell created after managed to rewind/delete the >> server processes in bosserver. >> >> I think the reboot makes difference but still don't know what stale >> status it did clean up. >> >> Maybe I'll try a fresh start again some time later. >> >> Xiong >> >> On Fri, May 1, 2009 at 5:27 AM, Xiong Jiang <[email protected]> wrote: >>> Hi there, >>> >>> I am installing OpenAFS on ubuntu karmic following the doc at: >>> http://www.debian-administration.org/article/OpenAFS_installation_on_Debian >>> >>> The OpenAFS version is 1.4.9.dfsg1-0+ubuntu3 >>> >>> I got error when running afs-newcell: >>> ... >>> bos setrestart mytv.home -time never -general -localauth >>> Waiting for database elections: done. >>> vos create mytv.home a root.afs -localauth >>> vos : partition a does not exist on the server >>> Failed: 65280 >>> >>> Cell setup failed, ABORTING >>> >>> and in /var/log/openafs/FileLog there is error: >>> Fri May 1 04:59:13 2009 File server starting >>> Fri May 1 04:59:13 2009 afs_krb_get_lrealm failed, using mytv.home. >>> Fri May 1 04:59:13 2009 Couldn't get CPS for AnyUser, will try again in 30 >>> seconds; code=267275. >>> >>> I verified that no partition is created by fileserver. How to >>> troubleshoot the error "Couldn't get CPS for AnyUser..." >>> >>> Any hint is appreciated. >>> >>> Xiong >>> >> > _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
