"after 2 hours" is the CPS refresh interval. aklog -force would have done it instantly, tho it doesn't explain what the problem was.
On Wed, Apr 13, 2011 at 12:19 PM, Michal Svamberg <[email protected]> wrote: > I update krb5.conf on fileserver elektra2, after 2 hours was all in order. > But same old krb5.conf file is on elektra1 without problems. I was this > problem with group "system:av", when I used system:administrators, then > priviledges were applied correctly. > > Now is this problem solved, thanks for ideas. > Michal. > > On Wed, Apr 13, 2011 at 17:04, Derrick Brashear <[email protected]> wrote: >> On Wed, Apr 13, 2011 at 9:33 AM, Michal Svamberg <[email protected]> wrote: >>> Hello, >>> I have two same fileservers for user volumes - elektra1.zcu.cz and >>> elektra2.zcu.cz >>> The problem is only on all (I tested on 4 volumes) volumes at elektra2 >>> server. >>> The group 'system:av' have rlidwka rights, but the rights is not applied. >>> >>> $ fs la . >>> Access list for . is >>> Normal rights: >>> system:av rlidwka >>> meta-hosts l >>> zcu.cz rl >>> jvarga rl >>> >>> $ pts mem svamberg.root >>> Groups svamberg.root (id: 129) is a member of: >>> adm:backup >>> system:av >>> lps.root >>> system:faidev >>> system:faiadministrators >>> system:administrators >>> system:tftpboot >>> system:root >>> >>> $ tokens >>> Tokens held by the Cache Manager: >>> >>> User's (AFS ID 129) tokens for [email protected] [Expires Apr 13 18:35] >>> --End of list-- >>> >>> $ touch x >>> touch: cannot touch `x': Permission denied >>> >>> $ fs exa . >>> File . (876024890.1.1) contained in volume 876024890 >>> Volume status for vid = 876024890 named user.jvarga >>> Current disk quota is 1000000 >>> Current blocks used are 583253 >>> The partition has 157451567 blocks available out of 292871036 >>> >>> I don't know where is problem. I haven't this problem on volumes at >>> elektra1.zcu.cz. >>> Any ideas? >> >> is the time wrong on elektra2, or anything of note in the FileLog? my >> guess here would be that the fileserver >> can't verify your identity, meaning you'd presumably see a >> pr_Initialize failure in the FileLog. >> >> if you enable auditlogs (the -auditlog parameter to the fileserver) it >> will tell you what identity it believes you have >> in the audit event for your request (in this case, presumably a createfile) >> >> >> -- >> Derrick >> > _______________________________________________ > OpenAFS-info mailing list > [email protected] > https://lists.openafs.org/mailman/listinfo/openafs-info > -- Derrick _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
