On Tue, 26 Jun 2012, Andrew Deason wrote:
On Tue, 26 Jun 2012 14:29:04 -0700
Tim Gustafson <[email protected]> wrote:
I was able to get past this problem by using FreeBSD's Kerberos
server. I was previously trying to integrate with our MIT Kerberos
server, but that seems to be problematic.
To be clear, that previous error should not be caused by any interaction
with the KDC; that is an error reached while just looking at the local
filesystem. It could have been triggered by troubles with the key
extraction, though.
So, I set up FreeBSD Kerberos and now I've gotten to this command:
root@host: pts createuser -name tjg -id 1234 -localauth
pts: Couldn't read/write the database ; unable to create user tjg with id 1234
Can you read from the database ('pts examine system:anyuser')? Is there
anything in PtLog? I don't know where PtLog is with the paths the
FreeBSD port uses, but it's wherever the other logs are. Can you check
that prdb.DB0 and prdb.DBSYS exist, and appear to be writeable by root?
I'm not sure where these are in the FreeBSD port, either, but they
At the moment, they are not initialized at all by the packaging, and I'm
not entirely sure where the binaries would be looking for them. truss(1)
should know, though.
should be in a /var/lib-like location.
I am told that you will need to use pt_util to initialize a protection
database as part of setting up a server.
I'm not sure if I've ever seen someone actually encounter that error
before. Keep in mind it may be possible you are encountering
BSD-specific bugs in OpenAFS, since I don't think modern AFS dbservers
on any BSD are very common. (Not that the servers should have much
platform-specific code in them...)
The servers should be portable; he is definitely running into issues with
the wiki page linked in the original message being incorrect.
I don't have more detailed instructions handy at the moment, though.
-Ben
P.S. Andrew, the instructions were originally from Tracy's talk but I
tweaked them so as to not require building from source by hand. This is
where some of the transarc/non-transarc path issues arose, but the prdb
initialization problems are more generic.
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
