Re: [OpenAFS] Package Management in AFS
Am 20.12.2010 19:26, schrieb Booker Bense: > My 2 cents... Outside of a few very specialized apps, putting software > in AFS is a losing proposition these days. Since local disk space is > growing so fast, there really is little justification for not simply > using the package management system > of the OS and simply installing locally. That would again mean that the sw had to be installed over and over again, on every single machine. That may be OK for 2 or 5 machines, but for a larger number this becomes a tedious task. And what about diskless clients? > AFS is a great place to store rpms, dpkgs, etc... But there is so > much sysadmin overhead in deploying apps in AFS, that unless you have a > very standardized client base it simply isn't worth it for > 99.9% of applications. I don't get that point. If there was an AFS aware package manager out there (which was my question), then that overhead would drop to (nearly) zero. Bye... Dirk ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] Package Management in AFS
Hi, I'm currently thinking about a good way to deploy software packages in (eventually replicated) AFS volumes. One possible way I can think of is to use (x)stow, but that would imply a lot of manual work (download, unpack, compile, install to rw volume, xstow, vos release). Does anyone know of a simpler (more automated) solution, maybe something like Gentoo portage or Nix? Thanks... Dirk ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] AFS version of sudo for admin ?
Am Freitag 17 Dezember 2010, um 15:29:41 schrieb John Tang Boyland: > Does anyone know of a "sudo" like command for AFS admin commands? Errh, what about sudo? You could create a special kerberos principal with a random key ("scripts"), which is stored in a keytab ("/etc/scripts.keytab"). Also make it an afs user and put it into system:administrators. Put the following commands at the beginning of your script: export KRB5CCNAME=/tmp/krb5cc_scripts kinit -k -t /etc/scripts.keytab scripts aklog and these ones at the end: unlog kdestroy The rest is configuring sudo properly so that only selected users can execute the script. HTH... Dirk ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Overview? Linux filesystem choices
Am 28.09.2010 21:49, schrieb Russ Allbery: > Jeff Blaine writes: > >> What's the tried-and-true production-quality Linux equivalent? >> Anything? Last I read, nothing. > > There's nothing really equivalent to ZFS. > >> Barring an equivalent, what Linux setup... > >> a) seems most stable >> b) is fsck-less > >> Even quick grunt responses are appreciated. > > We use ext3. It isn't the fastest or the most featureful, but it's the > core file system that everyone uses on Linux and for us it's been rock > solid. You're the least likely to run into strange problems. > > Lots of people also use XFS, and it should be reasonably stable. I would > avoid ReiserFS and JFS due to lack of developers and widespread use. > > ext4 is getting to the point that it's mature enough to use, but I'm not > sure I'd trust it yet. I run btrfs already, which is (or will be) equivalent to ZFS (somehow). Bye... Dirk signature.asc Description: OpenPGP digital signature
Re: [OpenAFS] MS Access databases on AFS
Am 22.09.2010 18:38, schrieb Richard Heggs: > I remember reading severe warnings and dire imprecations about putting > MS Access databases on AFS filesystems, about 5 years ago. Is it still > considered dangerous? > > The server is running 1.4.11 on Linux. > The clients are XP (and shortly Win 7), and will shortly be upgraded to > 1.5.77 > > Any advice would be appreciated. First, I wouldn't consider Access a database, since real database allows concurrent access etc. Having said that, did you consider putting your data into a real RDBMS (PostgreSQL, for example) and use Access as a frontend only (via ODBC)? HTH... Dirk signature.asc Description: OpenPGP digital signature
Re: [OpenAFS] Read-only replication
Am Donnerstag 17 Juni 2010, 01:06:34 schrieb Jaap Winius: > This subject is confusing to me, because I've learned that once a > client has encountered a read-write mount point, it becomes biased > towards accessing only read-write replicas beyond it, ignoring any and > all perfectly usable read-only volumes that may be available. Not quite. See http://docs.openafs.org/AdminGuide/ch05s07.html#HDRWQ209 HTH... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Re: Getting started with OpenAFS
Am Freitag 30 April 2010, um 17:00:54 schrieb Andrew Deason: > Traditionally, the convention of paths goes something > like this: > > /afs// > > for the RO path, and > > /afs//. > > for the RW path. (And /afs/./ provides an RW path for > anything). But AFAIK the "." path is only relevant if RO replicas exist for a given RW volume, right? If there aren't any ROs for an RW, the path is also "/afs//", isn't it? Bye... Dirk ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Shared r/w access to numerous sqlite databases: an appropriate application for AFS?
Am Donnerstag 08 April 2010 13:22:09 schrieb Todd Lewis: > I happen to be facing exactly that same problem at the moment, so I'm > hopeful (doubtful, but hopeful) someone will step up and prove me wrong. Well, I won't. But why don't you both simply install a real Db server, like PostgreSQL, for example? Bye... Dirk ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Filesystem Types & FSCK
Am Montag 22 März 2010 15:57:23 schrieb J: > So I'm wondering whether you have any advice or comments about any of this. You could use XFS, it doesn't even have fsck (it's a dummy, to make distribution's boot scripts happy). Bye... Dirk ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] about failover - 2 servers (one "master" one replicas) - a bit long
Am Montag 22 März 2010 10:43:51 schrieb Vladimir Konrad: > Would you please give me few pointers on what to try to have AFS clients > work even if the B goes down? Create r/o replicas on A (and on the same vice partition), too. The problem with your setup is that OpenAFS clients use the r/o path to access data in replicated volumes, but you have put all your r/o replicas on one single machine, so you have created a single point of failure. You should also balance your r/w volumes between both servers. > Ideally, it should work even if A goes down > and the read-only volumes are converted to read/write. OpenAFS is not designed for automatic failover. HTH... Dirk ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Best Filesystem
Am Sonntag, 12. April 2009 18:15:59 schrieb Jason C. Wells: > Dirk Heinrichs wrote: > > So your server OS is Solaris > > No. My server OS is debian. My client OS are FreeBSD, debian, XP. Your > assumption that file system suitability is determined purely by OS is > limited. YMMV, but I would only use a filesystem that was originally developed for my OS or at least well tested on this OS, especially when it should store my valuable data. > ZFS appears to ready for prime time on BSD and Linux or it > will be soon enough for me to start thinking about adopting it. Yes, there's something called ZFS for Linux. But that's a FUSE (Filesystem in USErspace) thing. That module is also in very early stages of development and its status page shows a lot of things which don't work, and some that will never work, due to FUSE limitations. I'd say your chances will be better if you wait for another year and try btrfs, then (you can also try it now, with linux 2.6.29, but I would suggest to try it on test systems only). So, on Linux as a server, use one of the "big 4" (ext[23], xfs, reiser or jfs) for vice partitions. For Linux clients, use ext2. For FreeBSD and XP, I don't know what's the best FS for the client cache. Bye... Dirk ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Best Filesystem
Am Sonntag, 12. April 2009 10:01:22 schrieb Jason C. Wells: > Amongst UFS2, EXT3, and ZFS, which is most recommended for use as a > backing store for AFS? UFS2 and ZFS are Solaris, EXT3 is Linux. What is your server OS? > Which for the AFS client cache? That depends on your client OS. > I am considering adopting ZFS. So your server OS is Solaris? Bye... Dirk ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] encrypted volumes
Am Freitag, 6. Februar 2009 21:45:02 schrieb Christof Hanke: > Sorry, but I think you see this from the wrong angle. > The point I think here is to protect sensitive data even against admins, > the guys who can read /vicep* anyway... What prevents an admin from loggin in on the client machine to read the data while the volume is mounted? > Having said this, it is clear the encryption has to be on the client side. I guess the best would be if it would happen at application level. Means: let application store their data as GPG-encrypted files directly. Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] encrypted volumes
Am Freitag, 6. Februar 2009 19:12:34 schrieb David Bear: > well -- I don't know about truecrypt -- and doubt that windows, mac and > linux de jour does as well. Well, they do. > AFS volumes represent a very convenient way to have multiple offsite > backups of stuff -- and would be a great platform to build a service on > like 'carbonite' or the iron mountain data backup solution. Having > encrypted volumes would really make this kind of service sing. No. Backup volumes are _not_ a real backup. They are snapshots of the rw volumes which can be used to take a backup from without fear that the data changes in between. Being a snapshot, they usually stay where their rw volume is. So what you really want is not encrypted volumes, but an encrypted backup. That's a totally different thing. Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] encrypted volumes
Am Freitag, 6. Februar 2009 02:09:09 schrieb David Bear: > Has there ever been much discussion on created encrypted volumes? These > would work like a local encrypted file system - without they key, they are > useless. I'm thinking that you might need an fs setkey or something like > that to insert the key into the cache manager.. fs mkmount could have a > switch that would specify it was an encrypted volume.. The problem is that volumes in AFS are not mounted and unmounted all the time. The are mounted into the tree once and are usually available anytime. To prevent access to sensitive files, use ACLs. Things like ecryptfs, truecrypt or LUKS only protect data as long as the volume is _not_ mounted. Once mounted, normal Unix access permissions or ACLs apply. So what you could do is to create encrypted vice partitions and put volumes with sensitive data onto those, so that in case of theft or whatever the data cannot be read by the attacker. HTH... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Linux kernel and corresponding OpenAFS upgrade packages
Am Dienstag 21 Oktober 2008 20:01:23 schrieb ext Jaime Cifuentes: > Our OS team tried to upgrade the RedHat Enterprise Linux servers. > Originally they stated the new kernel level was 78.0.1, so our senior > coworker obtained the OpenAFS packages we needed for that kernel. He > downloaded kmod-openafs-smp-1.4.7-1.1.2.6.9_78.0.1.EL.i686.rpm, > kmod-openafs-1.4.7-1.1.2.6.9_78.0.1.EL.i686.rpm, and > kmod-openafs-hugemem-1.4.7-1.1.2.6.9_78.0.1.EL.i686.rpm. However, when > they (the OS team) updated the kernel, they upgraded it to 78.0.5, and > being this server an OpenAFS fileserver, they decided to not install the > AFS packages above, because they did not know if those were the correct > packages for OpenAFS. You don't need the kernel modules at all for server machines. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: wwwkeys.pgp.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Newbie question.
Dirk Heinrichs schrieb: > Max Lock schrieb: > >> * http://www.gentoo.org/doc/en/openafs.xml > > Please note that this is outdated since years. Better look at the HowTo > on gentoo-wiki.com, but make sure to read the "Discussion" tab, too. Just found out that the old HowTo on gentoo-wiki.com has been replaced with a new one, which uses MIT Kerberos5 from the beginning (the old one still used kaserver). So forget about the "Discussion" tab, it doesn't contain anything, yet :-) Here's the link: http://gentoo-wiki.com/HOWTO_OpenAFS Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Newbie question.
Max Lock schrieb: > * http://www.gentoo.org/doc/en/openafs.xml Please note that this is outdated since years. Better look at the HowTo on gentoo-wiki.com, but make sure to read the "Discussion" tab, too. Bye... Dirk ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] OpenAFS Client login via KDM
Am Freitag, 30. Mai 2008 schrieb Ralf Hornik Mailings: > auth optional pam_afs_session.so ignore_root > auth sufficient pam_krb5.so ignore_root You need to get a kerberos ticket _before_ you can obtain and AFS token. HTH... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] OpenAFS Client login via KDM
Am Donnerstag, 29. Mai 2008 schrieb Ralf Hornik Mailings: > are there any known issues regarding Gnome/KDE login Manager getting AFS > tokens? I can login perfectly using ssh, or console, get AFS Toks and my > home. > But using GDM/KDM it tells me "Can't update authorization file", or > "Can't chdir /afs/.daheim/user/: Permission denied" > > Seems the KDM doesn't get (or use) tokens? > Has someone solved this problem yes? Try setting "AuthDir" and/or "DmrcDir" in your kdmrc to some directory outside AFS. Or use qingy or wdm. HTH... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Weird client behaviour with openafs 1.4.5
Am Dienstag, 6. Mai 2008 schrieb Steffen Weißgerber: > -BEGIN PGP MESSAGE- > -END PGP MESSAGE- Sure. Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] salvaging volumes destroys data
Am Mittwoch, 12. März 2008 schrieb ext Ralf Hornik (Mailings): > After salvaging (bos salvage server daten) the Volume (daten) now is > completely unusable: > > [EMAIL PROTECTED]:~# ls -al /afs/.daheim/daten/ > insgesamt 4 > drwxrwxrwx 4 root root 2048 2008-03-12 13:31 . > drwxrwxrwx 2 root root 2048 2008-03-12 13:09 .. > ?- ? ?? ?? /afs/.daheim/daten/Downloads > ?- ? ?? ?? /afs/.daheim/daten/Programme > > "Downloads" and "Programme" are subfolders of volume "daten" with files > in it. > > This files also seem to be there in /vicepa/AFSIDat/* > > However /vicepa is also an ecryptfs and it may be causing trouble, but > what exactly failes? May be I can fix it... Hmm, I wonder if this really is a salvager problem. Did you compile with GCC 4.2.x? If yes, try recompiling with 4.1.x. See http://www.nabble.com/Strange-access-problems-on-one-client-to12112808.html HTH... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] File systems on Linux, again.
Am Montag, 3. Dezember 2007 schrieb ext John Lockard: > I'm curious about those using ext3... Are you running > ext3 with or without journaling? w/o journaling it's called ext2 :-) Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] openafs partition - how to increase
Am Donnerstag 29 November 2007 schrieb Helmut Jarausch: > I'd like to resize (enlarge) the ext2-partition on which e.g. > /vicepa is mounted. > > Does it use the additional space or is there any danger > OpenAFS gets confused? It will happily use the additional space. Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] What's the problem with reiser
Am Donnerstag, 29. November 2007 schrieb ext Harald Barth: > > We use openafs clients on a lot of machines. The local Filesystems are > > usually reiser. But for the DiskCache we have to install one partition > > with ext2. > > To all my experience, reiserfs is broken. I recommend NOT to use that > file system. At all. OK. replase reiser with xfs, jfs, whatever. I guess the real question was: What's the reason why one should not use other filesystems than ext2 for the cache partition on a Linux client? Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Strange access problems on one client
Am Sonntag, 7. Oktober 2007 schrieb ext Derrick Brashear: > Omari Stephens confirmed this fixed a test system, and regardless it's > harmless, so we'll run with this. I'm glad to see the issue could be resolved. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] gcc-4.2.1, afs-client not working
Am Freitag, 5. Oktober 2007 schrieb ext Hans-Werner Paulsen: > Hello, > on i386_linux26 I compiled the kernel 2.6.22.9 and OpenAFS 1.4.4 > using the gcc 4.2.1. > Now I get: > = >== # ls -l /afs > ls: cannot access /afs/mpa-garching.mpg.de: No such file or directory > ls: cannot access /afs/ipp-garching.mpg.de: No such file or directory > ls: cannot access /afs/world: No such file or directory > ls: cannot access /afs/rzg.mpg.de: No such file or directory > ls: cannot access /afs/andrew.cmu.edu: No such file or directory > total 14 > d? ? ?? ?? andrew.cmu.edu > drwxr-xr-x 11 root root 6144 Sep 21 07:18 ipp > ?? ? ?? ?? ipp-garching.mpg.de > drwxr-xr-x 3 root root 2048 Mar 30 2007 mpa > ?? ? ?? ?? mpa-garching.mpg.de > drwxr-xr-x 11 root root 6144 Sep 21 07:18 rzg > d? ? ?? ?? rzg.mpg.de > ?? ? ?? ?? world > = >== > > When I recompiled the OpenAFS software using gcc 4.1.2 everything is > fine. Looks like the reason for the problem I had. See thread "Strange access problems on one client". Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Strange access problems on one client
Am Mittwoch, 26. September 2007 schrieb ext Derrick Brashear: > Ok, so it's just calling the access routines, meaning, nothing in OpenAFS > changed. If you can tell us at which version of the kernel things start > breaking it would be probably an easy fix for us from there. Seems this laptop died a sudden death last night while compiling an older kernel for testing this issue. So I'm out of this for now :-( Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Strange access problems on one client
Am Dienstag, 25. September 2007 schrieb Russ Allbery: > Dirk Heinrichs <[EMAIL PROTECTED]> writes: > > It's neither in the src nor in the doc tarball, so it's no wonder that > > Gentoo doesn't install it. Where can I find it? > > It's generated during the build process in src/afs/afszcm.cat and > installed when you do a make dest, but it looks like it was never added to > make install (probably for lack of a good location in which to put it). I > fixed that for the Debian packages, but didn't come up with a clean patch > and hence haven't found a way to merge it upstream yet. OK, found it on an Ubuntu system and copied it over. So here's a new fstrace dump. Again, the command was: % LANG="" ll /afs/grand.central.org/ ls: cannot access /afs/grand.central.org/local: No such file or directory ls: cannot access /afs/grand.central.org/software: No such file or directory total 14K drwxrwxrwx 3 root root 2.0K Jun 17 2004 archive/ drwxrwxrwx 2 root root 2.0K May 7 2006 cvs/ drwxrwxrwx 3 root root 2.0K Mar 21 2003 doc/ d? ? ?? ?? local/ drwxrwxrwx 2 root root 2.0K Jun 17 2005 project/ drwxrwxrwx 5 root root 2.0K Jan 30 2007 service/ d? ? ?? ?? software/ drwxrwxrwx 2 root root 2.0K Aug 25 00:15 user/ drwxrwxrwx 5 root root 2.0K Aug 24 20:10 www/ Bye... Dirk AFS Trace Dump - Date: Wed Sep 26 18:58:45 2007 Found 1 logs. Contents of log cmfx: time 956.767009, pid 20043: Access vp 0xc2fc3c40 mode 0x40 len (0x0, 0x3800) time 956.767020, pid 20043: Getattr vp 0xc2fc3040 len (0x0, 0x1c) time 956.767036, pid 20043: Access vp 0xc2fc3c40 mode 0x40 len (0x0, 0x3800) time 956.767539, pid 20043: Access vp 0xc2fc3c40 mode 0x40 len (0x0, 0x3800) time 956.767543, pid 20043: Access vp 0xc2fc3040 mode 0x100 len (0x0, 0x1c) time 956.767554, pid 20043: Open 0xc2fc3040 flags 0x18800 time 956.767557, pid 20043: Open 0xc2fc3240 flags 0xf423f time 956.767560, pid 20043: Getattr vp 0xc2fc3040 len (0x0, 0x1c) time 956.767576, pid 20043: GetdCache vp 0xc2fc3240 dcache 0xf9c83b60 dcache low-version 0xe, vcache low-version 0xe time 956.767577, pid 20043: GetdCache tlen 0x800 flags 0x1 abyte (0x0, 0x0) Position (0x0, 0x0) time 956.767597, pid 20043: Access vp 0xc2fc3c40 mode 0x40 len (0x0, 0x3800) time 956.767599, pid 20043: Access vp 0xc2fc3040 mode 0x40 len (0x0, 0x1c) time 956.767606, pid 20043: GetdCache vp 0xc2fc3240 dcache 0xf9c83b60 dcache low-version 0xe, vcache low-version 0xe time 956.767607, pid 20043: GetdCache tlen 0x800 flags 0x1 abyte (0x0, 0x0) Position (0x0, 0x0) time 956.767611, pid 20043: Lookup adp 0xc2fc3240 name archive fid (174:536870913.2.2), code=0 time 956.767616, pid 20043: Mount point is to vp 0xc2fc3440 fid (174:536870913.2.2) time 956.767620, pid 20043: Getattr vp 0xd176e280 len (0x0, 0x800) time 956.767623, pid 20043: Access vp 0xc2fc3c40 mode 0x40 len (0x0, 0x3800) time 956.767625, pid 20043: Access vp 0xc2fc3040 mode 0x40 len (0x0, 0x1c) time 956.767630, pid 20043: GetdCache vp 0xc2fc3240 dcache 0xf9c83b60 dcache low-version 0xe, vcache low-version 0xe time 956.767631, pid 20043: GetdCache tlen 0x800 flags 0x1 abyte (0x0, 0x0) Position (0x0, 0x0) time 956.767632, pid 20043: Lookup adp 0xc2fc3240 name archive fid (174:536870913.2.2), code=0 time 956.767635, pid 20043: Mount point is to vp 0xc2fc3440 fid (174:536870913.2.2) time 956.767642, pid 20043: Access vp 0xc2fc3c40 mode 0x40 len (0x0, 0x3800) time 956.767644, pid 20043: Access vp 0xc2fc3040 mode 0x40 len (0x0, 0x1c) time 956.767651, pid 20043: GetdCache vp 0xc2fc3240 dcache 0xf9c83b60 dcache low-version 0xe, vcache low-version 0xe time 956.767652, pid 20043: GetdCache tlen 0x800 flags 0x1 abyte (0x0, 0x0) Position (0x0, 0x0) time 956.767655, pid 20043: Lookup adp 0xc2fc3240 name local fid (174:536870913.587202568.0), code=2 time 956.767656, pid 20043: Returning code 2 from 19 time 956.767707, pid 20043: Access vp 0xc2fc3c40 mode 0x40 len (0x0, 0x3800) time 956.767709, pid 20043: Access vp 0xc2fc3040 mode 0x40 len (0x0, 0x1c) time 956.767728, pid 20043: GetdCache vp 0xc2fc3240 dcache 0xf9c83b60 dcache low-version 0xe, vcache low-version 0xe time 956.767729, pid 20043: GetdCache tlen 0x800 flags 0x1 abyte (0x0, 0x0) Position (0x0, 0x0) time 956.767731, pid 20043: Lookup adp 0xc2fc3240 name doc fid (174:536870913.6.4), code=0 time 956.767734, pid 20043: Mount point is to vp 0xc2fc3840 fid (174:536870913.6.4) time 956.767737, pid 20043: Getattr vp 0xd176e080 len (0x0, 0x800) time 956.767740, pid 20043: Access vp 0xc2fc3c40 mode 0x40 len (0x0, 0x3800) time 956.767742, pid 20043: Access vp 0xc2fc3040 mode 0x40 len (0x0, 0x1c) time 956.767746, pid 20043: GetdCache vp 0xc2fc3240 dcache 0xf9c83b60 dcache low-version 0xe, vcache low-version 0xe time 956.767748, pid 20043: GetdCache tlen 0x800 flags 0x1 abyte (0x0, 0x0) Position (0x0, 0x0) time 956.767
Re: [OpenAFS] Strange access problems on one client
Am Dienstag, 25. September 2007 schrieb Dirk Heinrichs: > Am Dienstag, 25. September 2007 schrieb Russ Allbery: > > Dirk Heinrichs <[EMAIL PROTECTED]> writes: > > > Am Dienstag, 25. September 2007 schrieb Derrick Brashear: > > >> Having fstrace output might help here. > > > > > > Find it attached. > > > > It looks like you don't have afszcm.cat installed where fstrace expects > > to find it, so you're not getting translation of operations into what the > > operation actually is. > > # locate afszcm.cat > /usr/share/doc/openafs-1.4.4_p20070724-r1/man-pages/man5/afszcm.cat.5 > /usr/share/doc/openafs-1.4.4_p20070724-r1/man-pages/pod5/afszcm.cat.pod > /usr/share/man/man5/afszcm.cat.5 > > Hmm, seems like the Gentoo package only installs its documentation. It's neither in the src nor in the doc tarball, so it's no wonder that Gentoo doesn't install it. Where can I find it? Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Strange access problems on one client
Am Dienstag, 25. September 2007 schrieb Russ Allbery: > Dirk Heinrichs <[EMAIL PROTECTED]> writes: > > Am Dienstag, 25. September 2007 schrieb Derrick Brashear: > >> Having fstrace output might help here. > > > > Find it attached. > > It looks like you don't have afszcm.cat installed where fstrace expects to > find it, so you're not getting translation of operations into what the > operation actually is. # locate afszcm.cat /usr/share/doc/openafs-1.4.4_p20070724-r1/man-pages/man5/afszcm.cat.5 /usr/share/doc/openafs-1.4.4_p20070724-r1/man-pages/pod5/afszcm.cat.pod /usr/share/man/man5/afszcm.cat.5 Hmm, seems like the Gentoo package only installs its documentation. Need to file a bug... Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Strange access problems on one client
Am Dienstag, 25. September 2007 schrieb Derrick Brashear: > Having fstrace output might help here. Find it attached. Bye... Dirk AFS Trace Dump - Date: Tue Sep 25 21:55:33 2007 Found 1 logs. Contents of log cmfx: time 888.201037, pid 0: Tue Sep 25 21:54:32 2007 raw op 701087822, time 888.201037, pid 31983 p0:0xda82cc40 p1:64 p2:0.3800 raw op 701087790, time 888.201060, pid 31983 p0:0xda82cc40 p1:0xf9c83c00 p2:176 p3:176 raw op 701087791, time 888.201063, pid 31983 p0:14336 p1:1 p2:0.0 p3:0.0 raw op 701087758, time 888.201085, pid 31983 p0:0xda82cc40 p1:1.1.1.1 p2:0.0 p3:9 raw op 701087823, time 888.219916, pid 31983 p0:0xda82cc40 p1:grand.central.org p2:1.1.16777908.1 p3:0 raw op 701087760, time 888.219952, pid 31983 p0:0xda82c040 p1:0.0 p2:0.1c raw op 701087820, time 888.219958, pid 31983 p0:0xda82c040 p1:0.1c raw op 701087820, time 888.219976, pid 31983 p0:0xda82c040 p1:0.1c raw op 701087822, time 888.220029, pid 31983 p0:0xda82cc40 p1:64 p2:0.3800 raw op 701087822, time 888.221205, pid 31983 p0:0xda82cc40 p1:64 p2:0.3800 raw op 701087822, time 888.221213, pid 31983 p0:0xda82c040 p1:256 p2:0.1c raw op 701087812, time 888.221221, pid 31983 p0:root.cell p1:0xf64cd493 raw op 701087813, time 888.344912, pid 31983 p0:-1 p1:0xddb9aee0 p2:0 p3:0 raw op 701087813, time 888.466329, pid 31983 p0:-1 p1:0xe6374a20 p2:0 p3:1001 raw op 701087813, time 888.586735, pid 31983 p0:-1 p1:0xe6374a20 p2:0 p3:1001 raw op 701087813, time 888.707222, pid 31983 p0:-1 p1:0xe6374a20 p2:0 p3:1001 raw op 701087813, time 888.846231, pid 31983 p0:2 p1:0xe6374420 p2:0 p3:1001 raw op 701087760, time 888.846235, pid 31983 p0:0xda82c240 p1:0.0 p2:0.800 raw op 701087812, time 888.846269, pid 31983 p0:536870913 p1:0xdf741d0a raw op 701087813, time 888.969667, pid 31983 p0:-1 p1:0xddb9aee0 p2:0 p3:0 raw op 701087813, time 889.003692, pid 31983 p0:2 p1:0xe6374420 p2:0 p3:1001 raw op 701087760, time 889.003695, pid 31983 p0:0xda82c240 p1:0.800 p2:0.800 raw op 701087815, time 889.003737, pid 31983 p0:0xda82c040 p1:100352 raw op 701087815, time 889.003747, pid 31983 p0:0xda82c240 p1:99 raw op 701087820, time 889.003754, pid 31983 p0:0xda82c040 p1:0.1c raw op 701087790, time 889.003801, pid 31983 p0:0xda82c240 p1:0xf9c83b60 p2:14 p3:14 raw op 701087791, time 889.003803, pid 31983 p0:2048 p1:1 p2:0.0 p3:0.0 raw op 701087822, time 889.007535, pid 31983 p0:0xda82cc40 p1:64 p2:0.3800 raw op 701087822, time 889.007542, pid 31983 p0:0xda82c040 p1:64 p2:0.1c raw op 701087790, time 889.007557, pid 31983 p0:0xda82c240 p1:0xf9c83b60 p2:14 p3:14 raw op 701087791, time 889.007559, pid 31983 p0:2048 p1:1 p2:0.0 p3:0.0 raw op 701087823, time 889.007564, pid 31983 p0:0xda82c240 p1:archive p2:174.536870913.2.2 p3:0 raw op 701087790, time 889.007568, pid 31983 p0:0xda82c240 p1:0xf9c83b60 p2:14 p3:14 raw op 701087791, time 889.007570, pid 31983 p0:2048 p1:1 p2:0.0 p3:0.0 raw op 701087813, time 889.042305, pid 31983 p0:25 p1:0xe6374420 p2:0 p3:1001 raw op 701087760, time 889.042340, pid 31983 p0:0xda82c440 p1:0.0 p2:0.e raw op 701087760, time 889.042344, pid 31983 p0:0xda82c640 p1:0.0 p2:0.c raw op 701087760, time 889.042346, pid 31983 p0:0xda82c840 p1:0.0 p2:0.a raw op 701087760, time 889.042349, pid 31983 p0:0xda82ca40 p1:0.0 p2:0.e raw op 701087760, time 889.042350, pid 31983 p0:0xd9990c80 p1:0.0 p2:0.e raw op 701087760, time 889.042352, pid 31983 p0:0xd9990a80 p1:0.0 p2:0.f raw op 701087760, time 889.042354, pid 31983 p0:0xd9990880 p1:0.0 p2:0.b raw op 701087760, time 889.042356, pid 31983 p0:0xd9990680 p1:0.0 p2:0.a raw op 701087760, time 889.042359, pid 31983 p0:0xd9990480 p1:0.0 p2:0.a raw op 701087790, time 889.042365, pid 31983 p0:0xda82c440 p1:0xf9c837a0 p2:1 p3:1 raw op 701087791, time 889.042367, pid 31983 p0:14 p1:0 p2:0.0 p3:0.0 raw op 701087862, time 889.042370, pid 31983 p0:0xda82c440 p1:0xf9c837a0 p2:0.e raw op 701087812, time 889.050126, pid 31983 p0:root.archive p1:0xf31bff01 raw op 701087813, time 889.172305, pid 31983 p0:-1 p1:0xddb9aee0 p2:0 p3:0 raw op 701087824, time 889.172350, pid 31983 p0:0xda82c440 p1:174.536870913.2.2 raw op 701087813, time 889.206696, pid 31983 p0:2 p1:0xe6374420 p2:0 p3:1001 raw op 701087760, time 889.206698, pid 31983 p0:0xd9990280 p1:969bc40f.9959d18c p2:0.800 raw op 701087820, time 889.206733, pid 31983 p0:0xd9990280 p1:0.800 raw op 701087820, time 889.206741, pid 31983 p0:0xd9990280 p1:0.800 raw op 701087822, time 889.206757, pid 31983 p0:0xda82cc40 p1:64 p2:0.3800 raw op 701087822, time 889.206765, pid 31983 p0:0xda82c040 p1:64 p2:0.1c raw op 701087790, time 889.206781, pid 31983 p0:0xda82c240 p1:0xf9c83b60 p2:14 p3:14 raw op 701087791, time 889.206782, pid 31983 p0:2048 p1:1 p2:0.0 p3:0.0 raw op 701087823, time 889.206788, pid 31983 p0:0xda82c240 p1:archive p2:174.536870913.2.2 p3:0 raw op 701087824, time 889.206794, pid 31983 p0:0xda82c440 p1:174.536870913.2.2 raw op 701087822, time 889.206824, pid 31983 p0:0xda82cc40 p1:
Re: [OpenAFS] Strange access problems on one client
Am Montag, 24. September 2007 schrieb ext Frank Burkhardt: > On Mon, Sep 24, 2007 at 06:41:31AM +0200, Harald Barth wrote: > > > [EMAIL PROTECTED] ~ % LANG="" ll /afs/grand.central.org/ > > > ls: cannot access /afs/grand.central.org/local: No such file or > > > directory ls: cannot access /afs/grand.central.org/software: No such > > > file or directory total 14K > > > drwxrwxrwx 3 root root 2.0K Jun 17 2004 archive/ > > > drwxrwxrwx 2 root root 2.0K May 7 2006 cvs/ > > > drwxrwxrwx 3 root root 2.0K Mar 21 2003 doc/ > > > ?? ? ?? ?? local > > > drwxrwxrwx 2 root root 2.0K Jun 17 2005 project/ > > > drwxrwxrwx 5 root root 2.0K Jan 30 2007 service/ > > > ?? ? ?? ?? software > > > drwxrwxrwx 2 root root 2.0K Aug 25 00:15 user/ > > > drwxrwxrwx 5 root root 2.0K Aug 24 20:10 www/ > > > > That is really strange because I can't see why doc should differ from > > software. Both are mountpoints with similar ACL and permissions. > > I'd like to point out that on my machine not only mountpoints are > affected but directories and files as well. > > Is this the same on your's, Dirk? Yes, it is. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Strange access problems on one client
Am Montag, 24. September 2007 schrieb ext Harald Barth: > > [EMAIL PROTECTED] ~ % LANG="" ll /afs/grand.central.org/ > > ls: cannot access /afs/grand.central.org/local: No such file or > > directory ls: cannot access /afs/grand.central.org/software: No such > > file or directory total 14K > > drwxrwxrwx 3 root root 2.0K Jun 17 2004 archive/ > > drwxrwxrwx 2 root root 2.0K May 7 2006 cvs/ > > drwxrwxrwx 3 root root 2.0K Mar 21 2003 doc/ > > ?? ? ?? ?? local > > drwxrwxrwx 2 root root 2.0K Jun 17 2005 project/ > > drwxrwxrwx 5 root root 2.0K Jan 30 2007 service/ > > ?? ? ?? ?? software > > drwxrwxrwx 2 root root 2.0K Aug 25 00:15 user/ > > drwxrwxrwx 5 root root 2.0K Aug 24 20:10 www/ > > That is really strange because I can't see why doc should differ from > software. Both are mountpoints with similar ACL and permissions. > > > Kernel: Vanilla 2.6.22.7 > > OpenAFS: Gentoo Package openafs-kernel-1.4.4_p20070724-r2 > > My most up to date gentoo box is at >2.6.21-gentoo-r2 >1.4.4 > And I'm _not_ seeing this. Hmm, whould be nice to know what the others who see this problem are running. > I have not figured out the diff between 1.4.4 and 1.4.4_p20070724, is > there an easy way to do that without emerging first one ans then the > other? By comparing the ebuilds, one can see that 1.4.4_p20070724-r2 adds thre more patches. Two are architecture related (sparc and ppc), the third one seems to add CVS stuff. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Strange access problems on one client
Hello, since I got a mail from another person who had this same problem, I would like to follow up on this. Here's what I wrote back in august: > I'm currently facing strange behaviour on one client machine, which > looks like: > > [EMAIL PROTECTED] ~ % kinit > Password for [EMAIL PROTECTED]: > [EMAIL PROTECTED] ~ % aklog > [EMAIL PROTECTED] ~ % tokens > > Tokens held by the Cache Manager: > > User's (AFS ID 1001) tokens for [EMAIL PROTECTED] [Expires Aug 13 16:42] >--End of list-- > [EMAIL PROTECTED] ~ % id > uid=3D1001(heini) gid=3D100(users) > Gruppen=3D10(wheel),12(mail),14(uucp),16= (cron),18 > (audio),19(cdrom),35(games),80(cdrw),100(users),441(plugdev),442(camera),45 >3 (hibernate) > [EMAIL PROTECTED] ~ % LANG="" ll /afs/altum.de > ls: cannot access /afs/altum.de/music: No such file or directory > ls: cannot access /afs/altum.de/cells: No such file or directory > total 4.0K > d? ? ? ??? cells/ > drwx-- 2 heini users 2.0K Jun 29 20:10 data/ > drwx-- 2 root root 2.0K Sep 1 2006 home/ > d? ? ? ??? music/ > [EMAIL PROTECTED] ~ % LANG="" ll /afs/altum.de/home > ls: cannot access /afs/altum.de/home/heini: No such file or directory > ls: cannot access /afs/altum.de/home/heike: No such file or directory > ls: cannot access /afs/altum.de/home/chris: No such file or directory > total 2.0K > ?? ? ???? chris > ?? ? ???? heike > ?? ? ???? heini > drwx-- 12 niki users 2.0K May 17 13:38 niki/ > > When I login to another machine, everything is just fine: > > [EMAIL PROTECTED] ~ % slogin rohan > [EMAIL PROTECTED]'s password: > Linux rohan 2.6.20-16-generic #2 SMP Thu Jun 7 20:19:32 UTC 2007 i586 > > The programs included with the Ubuntu system are free software; > the exact distribution terms for each program are described in the > individual files in /usr/share/doc/*/copyright. > > Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by > applicable law. > Last login: Sun Aug 12 11:24:54 2007 > > rohan% tokens > > Tokens held by the Cache Manager: > > User's (AFS ID 1001) tokens for [EMAIL PROTECTED] [Expires Aug 13 16:45] >--End of list-- > rohan% pwd > /afs/altum.de/home/heini > rohan% ll .. > insgesamt 36K > drwx-- 12 chris users 2,0K 2007-05-17 13:43 chris/ > drwx-- 21 heike users 4,0K 2006-09-01 20:08 heike/ > drwxr-xr-x 139 heini users 28K 2007-08-12 11:45 heini/ > drwx-- 12 niki users 2,0K 2007-05-17 13:38 niki/ > rohan% fs la . > Access list for . is > Normal rights: > heini rlidwka > rohan% ll /afs/altum.de > insgesamt 8,0K > drwx-- 2 root root 2,0K 2006-08-27 14:10 cells/ > drwx-- 2 heini users 2,0K 2007-06-29 20:10 data/ > drwx-- 2 root root 2,0K 2006-09-01 17:41 home/ > drwx-- 3 heini users 2,0K 2007-03-24 16:08 music/ > rohan% id > uid=1001(heini) gid=100(users) > Gruppen=4(adm),20(dialout),24(cdrom),25 > (floppy),29(audio),30(dip),44(video),46(plugdev),100(users),104(scanner),11 >2 (netdev),113(lpadmin),115(powerdev),117(admin),1103024598 > > OpenAFS version is 1.4.4 on both, Linux kernel version on gondolin is > 2.6.22.1. I already tried to recreate the cache by creating a new > filesystem on the cache manager partition, but that didn't help. The problem seems to be independent of the server(s) or cell, because it also happens when I try to access public cells on the internet, running completely unauthenticated, like: [EMAIL PROTECTED] ~ % LANG="" ll /afs/grand.central.org/ ls: cannot access /afs/grand.central.org/local: No such file or directory ls: cannot access /afs/grand.central.org/software: No such file or directory total 14K drwxrwxrwx 3 root root 2.0K Jun 17 2004 archive/ drwxrwxrwx 2 root root 2.0K May 7 2006 cvs/ drwxrwxrwx 3 root root 2.0K Mar 21 2003 doc/ ?? ? ?? ?? local drwxrwxrwx 2 root root 2.0K Jun 17 2005 project/ drwxrwxrwx 5 root root 2.0K Jan 30 2007 service/ ?? ? ?? ?? software drwxrwxrwx 2 root root 2.0K Aug 25 00:15 user/ drwxrwxrwx 5 root root 2.0K Aug 24 20:10 www/ The client has been started like this: /usr/sbin/afsd -fakestat -stat 2000 -dcache 800 -daemons 3 -volumes 70 -verbose -debug -dynroot Which, except for -verbose and -debug, is the default I get from the Gentoo init script, which sets the values based on the cache size. Version info: Kernel: Vanilla 2.6.22.7 OpenAFS: Gentoo Package openafs-kernel-1.4.4_p20070724-r2 Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Setting up new cell on RHEL4 - some help needed
Am Mittwoch, 22. August 2007 schrieb ext Robert Sturrock: > Various servers seem to be running: > Instance kaserver, currently running normally. If you're setting up a new cell anyway, you shouldn't use kaserver anymore. It's based on kerberos 4 technology, which is known to be insecure. OpenAFS today works fine with kerberos 5 servers like MIT Krb5 or Heimdahl. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Strange access problems on one client
Am Sonntag, 12. August 2007 schrieb Jeffrey Altman: > What version of AFS is on the file servers? It's also 1.4.4, Ubuntu Feisty. > How are tokens being obtained on rohan? Via PAM at login time (pam_krb5 + pam_openafs_session). > Do you have the same issues if > you using kinit / aklog ? You mean on rohan? No. Bye... Dirk signature.asc Description: This is a digitally signed message part.
[OpenAFS] Strange access problems on one client
Hi, I'm currently facing strange behaviour on one client machine, which looks like: [EMAIL PROTECTED] ~ % kinit Password for [EMAIL PROTECTED]: [EMAIL PROTECTED] ~ % aklog [EMAIL PROTECTED] ~ % tokens Tokens held by the Cache Manager: User's (AFS ID 1001) tokens for [EMAIL PROTECTED] [Expires Aug 13 16:42] --End of list-- [EMAIL PROTECTED] ~ % id uid=1001(heini) gid=100(users) Gruppen=10(wheel),12(mail),14(uucp),16(cron),18 (audio),19(cdrom),35(games),80(cdrw),100(users),441(plugdev),442(camera),453 (hibernate) [EMAIL PROTECTED] ~ % LANG="" ll /afs/altum.de ls: cannot access /afs/altum.de/music: No such file or directory ls: cannot access /afs/altum.de/cells: No such file or directory total 4.0K d? ? ? ??? cells/ drwx-- 2 heini users 2.0K Jun 29 20:10 data/ drwx-- 2 root root 2.0K Sep 1 2006 home/ d? ? ? ??? music/ [EMAIL PROTECTED] ~ % LANG="" ll /afs/altum.de/home ls: cannot access /afs/altum.de/home/heini: No such file or directory ls: cannot access /afs/altum.de/home/heike: No such file or directory ls: cannot access /afs/altum.de/home/chris: No such file or directory total 2.0K ?? ? ???? chris ?? ? ???? heike ?? ? ???? heini drwx-- 12 niki users 2.0K May 17 13:38 niki/ When I login to another machine, everything is just fine: [EMAIL PROTECTED] ~ % slogin rohan [EMAIL PROTECTED]'s password: Linux rohan 2.6.20-16-generic #2 SMP Thu Jun 7 20:19:32 UTC 2007 i586 The programs included with the Ubuntu system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Sun Aug 12 11:24:54 2007 rohan% tokens Tokens held by the Cache Manager: User's (AFS ID 1001) tokens for [EMAIL PROTECTED] [Expires Aug 13 16:45] --End of list-- rohan% pwd /afs/altum.de/home/heini rohan% ll .. insgesamt 36K drwx-- 12 chris users 2,0K 2007-05-17 13:43 chris/ drwx-- 21 heike users 4,0K 2006-09-01 20:08 heike/ drwxr-xr-x 139 heini users 28K 2007-08-12 11:45 heini/ drwx-- 12 niki users 2,0K 2007-05-17 13:38 niki/ rohan% fs la . Access list for . is Normal rights: heini rlidwka rohan% ll /afs/altum.de insgesamt 8,0K drwx-- 2 root root 2,0K 2006-08-27 14:10 cells/ drwx-- 2 heini users 2,0K 2007-06-29 20:10 data/ drwx-- 2 root root 2,0K 2006-09-01 17:41 home/ drwx-- 3 heini users 2,0K 2007-03-24 16:08 music/ rohan% id uid=1001(heini) gid=100(users) Gruppen=4(adm),20(dialout),24(cdrom),25 (floppy),29(audio),30(dip),44(video),46(plugdev),100(users),104(scanner),112 (netdev),113(lpadmin),115(powerdev),117(admin),1103024598 OpenAFS version is 1.4.4 on both, Linux kernel version on gondolin is 2.6.22.1. I already tried to recreate the cache by creating a new filesystem on the cache manager partition, but that didn't help. Any ideas what can be wrong? Thanks... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Usernames in pts
Am Mittwoch, 1. August 2007 schrieb ext Mikkel Kruse Johnsen: > pts createuser mkj.lib 500 > fs setacl /afs/.cbs.dk/home/mkj.lib all Did you check the ACL entry with fs la? > kinit mkj.lib > aklog Do you get a ticket/token? Check with klist/tokens. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Usernames in pts
Am Mittwoch, 1. August 2007 schrieb ext Mikkel Kruse Johnsen: > fs setacl /afs/.cbs.dk/home/mkj.lib all Just a guess, but to whom do you want to give all permissions on that directory? HTH... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Version 1.4.5 (was: Production ready?)
Am Freitag, 13. Juli 2007 schrieb Russ Allbery: > but note that the 1.4.4 client release on Linux only supports Linux > kernels up through (IIRC) 2.6.20. 1.4.4/2.6.21.x also worked fine for me. > Later kernels will require the upcoming > 1.4.5 release. Ah, that will then solve my compilation issue with 2.6.22.1, I guess (see my other mail from yesterday). Will wait for 1.4.5, then. Bye... Dirk signature.asc Description: This is a digitally signed message part.
[OpenAFS] OpenAFS 1.4.4 + Kernel 2.6.22.1 compile error
Hi, while compiling the OpenAFS kernel module for the latest Linux kernel, I get the following error (on Gentoo): CC [M] /gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4/src/libafs/MODLOAD-2.6.22.1-SP/rx_kmutex.o /gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4/src/libafs/MODLOAD-2.6.22.1-SP/rx_kmutex.c: In function 'afs_mutex_enter': /gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4/src/libafs/MODLOAD-2.6.22.1-SP/rx_kmutex.c:48: warning: format '%x' expects type 'unsigned int', but argument 2 has type 'struct afs_kmutex_t *' /gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4/src/libafs/MODLOAD-2.6.22.1-SP/rx_kmutex.c: In function 'afs_mutex_exit': /gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4/src/libafs/MODLOAD-2.6.22.1-SP/rx_kmutex.c:69: warning: format '%x' expects type 'unsigned int', but argument 2 has type 'struct afs_kmutex_t *' /gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4/src/libafs/MODLOAD-2.6.22.1-SP/rx_kmutex.c: In function 'afs_cv_wait': /gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4/src/libafs/MODLOAD-2.6.22.1-SP/rx_kmutex.c:125: error: 'struct task_struct' has no member named 'thread_info' make[6]: *** [/gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4/src/libafs/MODLOAD-2.6.22.1-SP/rx_kmutex.o] Error 1 make[5]: *** [_module_/gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4/src/libafs/MODLOAD-2.6.22.1-SP] Error 2 make[5]: Leaving directory `/usr/src/linux-2.6.22.1' make[4]: *** [libafs.ko] Error 2 make[4]: Leaving directory `/gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4/src/libafs/MODLOAD-2.6.22.1-SP' make[3]: *** [linux_compdirs] Error 2 make[3]: Leaving directory `/gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4/src/libafs' make[2]: *** [libafs] Error 2 make[2]: Leaving directory `/gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4' make[1]: *** [build] Error 2 make[1]: Leaving directory `/gentoo/build/net-fs/openafs-kernel-1.4.4/work/openafs-1.4.4' make: *** [only_libafs] Error 2 Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Full disk woes
Am Freitag, 6. Juli 2007 schrieb Dirk Heinrichs: > Am Freitag, 6. Juli 2007 schrieb ext Steve Devine: > > I committed the cardinal sin of letting a server partition fill up. > > I have tried vos remove and vos zap .. I can't get rid of any > > vols.Volume management fails on this machine. > > Did you try vos remsite to remove readonly copies of rw volumes which are > located on _another_ partition? Forget what I wrote, wouldn't be of any help. Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Full disk woes
Am Freitag, 6. Juli 2007 schrieb ext Steve Devine: > I committed the cardinal sin of letting a server partition fill up. > I have tried vos remove and vos zap .. I can't get rid of any > vols.Volume management fails on this machine. Did you try vos remsite to remove readonly copies of rw volumes which are located on _another_ partition? Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Cell migration
Am Sonntag, 1. Juli 2007 schrieb Gérald Macinenti: > would it be another option to have a simple fileserver added to both > administrative servers (with the same cell name??) and migrate volumes > with a vos move from old to this fs then move from this fs to new? Hmm, seems you make things more complicated than needed. I would just do what Christopher has suggested: Add the new machine to the cell as file server, vos move the volumes and then add DB server processes and migrate the databases. As for kerberos: Add the new machine to the kerberos realm as slave KDC, syncronize the databases and then switch slave and master kdc. Did I forget something? Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] User got token, but aklog doesn´ t show it? - SOLVED
Am Dienstag, 26. Juni 2007 schrieb ext Dirk Heinrichs: > Am Dienstag, 26. Juni 2007 schrieb ext Lars Schimmer: > > But now gdm/kdm hits me again... > > kdm doesn´t obtain me tokens while logging in (on debian sid). > > and gdm tells me on login, it can´t access ".dmrc" > > This is a known problem with kdm. wdm works fine for me. Plain old xdm > should also do. And not to forget qingy. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] User got token, but aklog doesn´ t show it? - SOLVED
Am Dienstag, 26. Juni 2007 schrieb ext Lars Schimmer: > But now gdm/kdm hits me again... > kdm doesn´t obtain me tokens while logging in (on debian sid). > and gdm tells me on login, it can´t access ".dmrc" This is a known problem with kdm. wdm works fine for me. Plain old xdm should also do. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Wanheimerstraße 68 | Web: http://www.capgemini.com D-40468 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net signature.asc Description: This is a digitally signed message part.
Re: [OpenAFS] Add new fileserver
Am Sonntag, 8. April 2007 schrieb Melvin Wong: > [EMAIL PROTECTED] ~]# vos listaddrs > afs1.ben.muveenet > afs2.ben.muveenet > > [EMAIL PROTECTED] ~]# vos partinfo afs1.ben.muveenet > Free space on partition /vicepa: 711420 K blocks out of total 734684 > [EMAIL PROTECTED] ~]# vos partinfo afs2.ben.muveenet > Free space on partition /vicepa: 948956 K blocks out of total 983080 > > I am trying to attain high availability as well as creating a big > distributed storage space (hopefully it can reach 30-40 Tera) with many > low-end servers. I've created the 1st afs server with home directory and > the users can login and access their home folder without any problems. > But I'm a bit lost on how should I further expand to afs2, afs3 and so > on. If I create a home directory for my users on afs1, do I need to > create the exact directory on my afs2? Appreciate for the all the help > given. You can now add read-only replicas for your volumes by using the "vos addsite" command. However, it is not recommended to do this for volumes which should be writeable most of the times (because afs always prefers the read-only volume over the read-write one). As for the home volumes, I would "vos move" some of them to the other server, so that a failure of one server doesn't affect all users. HTH... Dirk pgpYV6m7frAuo.pgp Description: PGP signature
Re: [OpenAFS] About OpenAfs
Am Donnerstag, 22. März 2007 schrieb colderthanice: > WOOW. We can run Word from openafs. I mean Microsoft Word. Not word > document!! Yes, I understood that. > Microsoft Word is aproximately 30-40MB executable file. So what? > How long time does it take run? I don't know. I don't use it. > How can we set c:\program files\office directory for > running. AFAIK, you can install it wherever you want. HTH... Dirk pgpCaKLMF9VW7.pgp Description: PGP signature
Re: [OpenAFS] About OpenAfs
Am Donnerstag, 22. März 2007 schrieb colderthanice: > I am new in this group and new about Openafs. I want to ask somethings > about system.I think we use openafs system as a network mapping drive. > Beside this. > 1- Can we install openafs server to winxp? See thread from two hours ago. > 2- Is it hard to manage settings? No. > 3- Is it working as if apache or not? ??? Apache is a web server, AFS is a filesystem. > 4- What are the differences between vnc? ??? VNC is a remote desktop solution, AFS is... see above. > 5- Can we run for example word from openafs installed server? AFAIK, yes. Bye... Dirk pgpUmMtx8egMd.pgp Description: PGP signature
Re: [OpenAFS] Help in Setting up Openafs
Am Donnerstag, 22. März 2007 schrieb Melvin Wong: > a.Is it possible to join a Windows afs server to a linux afs cell? AFAIK, there is no such thing as a Windows AFS server. Or has this changed recently? > b.How do I mount the afs user directory to the home directory such that > the users are in their afs user directory once they login (is it > possible?)? Once you have setup your AFS cell, you can create new user directories under /afs (i.e. /afs/your.cell.com/users/johndoe), with one AFS volume for each user, move the contents of the former home dirs and change the entries in /etc/passwd. To access those directories at login time you either need AFS enabled login program or the appropriate PAM modules for getting Kerberos tickets and AFS tokens. > c.How do I share out files in afs through samba? I don't know, I don't use Windows. However, you can install the AFS client for Windows to access the AFS file space. > d.If I have use afs authentication without setting up any other Kerberos > on my linux afs server, how do I get the tokens on a windows afs client (do > I need MIT Kerberos and what's the settings?)? AFAIK, Windows has Kerberos capabilities built in. You should set up a dedicated kerberos server (MIT, Heimdal or Windows AD). OTOH, using AFS' kaserver is not recommended (because of its Kerberos 4 roots). HTH... Dirk pgp7ReTR8WnUK.pgp Description: PGP signature
Re: [OpenAFS] bos: can't open cell database
Am Dienstag, 16. Januar 2007 20:20 schrieb ext Michal Gutowski: > Yes, I'm sure for 100% > /usr/local/etc/openafs there're two symbolic links one for ThisCell > second for CellServDB > and they show to usr/local/etc/openafs/server/ I guess they should point to /usr/..., not usr/... Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpL25VXSfxbT.pgp Description: PGP signature
Re: [OpenAFS] Active Directory 2003, kerberos 5, openAFS - rxkad error=19270407, arghhhh
Am Mittwoch, 3. Januar 2007 14:29 schrieb ext Jeffrey Altman: > P.S. In your krb5.conf file, don't do this: > > default_tkt_enctypes = des-cbc-crc des-cbc-md5 > default_tgs_enctypes = des-cbc-crc des-cbc-md5 Is this a general recommendation or only for Erik? Can you give some background info? Thanx... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgplAifNVqoEk.pgp Description: PGP signature
Re: [OpenAFS] Reiserfs under AFS
Am Freitag, 1. Dezember 2006 15:13 schrieb ext Vishal Shah: > Can I share a disc that is carrying a reiserfs using AFS? > > I know the limitation of reiserfs/xfs/jfs combined with AFS on > the client side... i.e. the client-side cache needs to be either > ext2 or ext3, but what about the server side local file systems? Yes, you can use reiserfs for /vicepX. HTH... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgph4XX4qLZ46.pgp Description: PGP signature
Re: [OpenAFS] Initial fileserver setup fails
Am Donnerstag, 28. September 2006 23:40 schrieb ext Fabrice Toppi: > I'm reading some howto's (mainly Gentoo-oriented), and I'm stuck when I > have to create the fs instance (here: > http://www.openafs.org/pages/doc/QuickStartUnix/auqbg002.htm#ToC_67). > > Sep 28 23:10:11 [bosserver] BNODE 'fs' repeatedly failed to start, > perhaps missing executable._ Did you type the commands as listed in the document above, or as listed in the Gentoo-oriented HowTos? Can you post the complete command you used? > And here is what "bos status afsone -long -noauth" tells me about > fileserver (the other four ka,bu,pt and vlserver are running normally): You don't normally need kaserver anymore. You should use Kerberos V instead (either Heimdahl or MIT, I use MIT). > Command 1 is '/usr/libexec/openafs/fileserver' > Command 2 is '/usr/libexec/openafs/volserver' > Command 3 is '/usr/libexec/openafs/salvager' Looks like you typed the correct commands... > The /vicepa directory exists, and an empty ext2 partition is mounted > read/write with default options. You mean "...is mounted on /vicepa.", right? Why are you using ext2? Since those partitions can be quite large, I'd go with a journaling fs. I've read somewhere (I think it was in slides from Alf Wachsman) that xfs would be a good choice with regard to performance. Personally, I use reiserfs. > That OS is running as a guest in Vmware ESX, could it be related ? Don't know. > Kernel version is stock 2.6.17.6, OpenAFS is 1.4.2_rc4 (same for kernel > module). Should I try some older stable release (1.4.1 ? maybe older ?). I've running it on Gentoo with latest versions of both vanilla kernel and openafs w/o probs. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpsaTw4MtQ9q.pgp Description: PGP signature
Re: [OpenAFS] PAGS and kernels
Am Dienstag, 12. September 2006 13:28 schrieb ext chas williams - CONTRACTOR: > you should try one of the beta releases of 1.4.2. i believe that > 1.4.2fc3 is the latest. PAGs are optionally (determined at compile > time) implemented via the keyring and that might work somewhat better > with newer kernels. > > the fc4 kernels come with keyring support builtin. Just to clarify: Does this mean that, when using kernel.org kernels, one has to enable CONFIG_KEYS? Thanks... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpcH7JhTrIDd.pgp Description: PGP signature
[OpenAFS] Q: Nested groups and performance
Hi, just a short question: Does enabling (and using) nested groups have any known impact on performance? Thanks... Dirk pgpB8t3u69j75.pgp Description: PGP signature
Re: [OpenAFS] Supported enctypes in OpenAFS 1.4.x
Am Mittwoch, 30. August 2006 11:17 schrieb ext Dirk Heinrichs: > I've just installed a new cell, using MIT Krb5 1.4.3 and OpenAFS 1.4.1. > For the afs/cellname principal I have used enctype des-cbc-crc:normal. > Now I wonder wether this was my only choice or could I just have used > another (more secure) enctype? Is there a list of K5 enctypes I can use > for AFS? Thank you very much for all your answers. I got the picture now :-) Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgp15Woy971Aj.pgp Description: PGP signature
Re: [OpenAFS] setting up a new cell on RHEL4
Am Mittwoch, 30. August 2006 12:31 schrieb ext Huw Lynes: > In the logs I noticed: > afs: Lost contact with file server 127.0.0.1 in cell wesc.cs.cf.ac.uk > afs: Lost contact with file server 127.0.0.1 in cell wesc.cs.cf.ac.uk Check /etc/hosts. Give your host a "real" IP address. HTH... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpCXIZ7kJZDv.pgp Description: PGP signature
[OpenAFS] Supported enctypes in OpenAFS 1.4.x
Hi, I've just installed a new cell, using MIT Krb5 1.4.3 and OpenAFS 1.4.1. For the afs/cellname principal I have used enctype des-cbc-crc:normal. Now I wonder wether this was my only choice or could I just have used another (more secure) enctype? Is there a list of K5 enctypes I can use for AFS? Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpExUhO6eDNQ.pgp Description: PGP signature
Re: [OpenAFS] OpenAFS vs NFSv4 (linux)
Am Donnerstag, 24. August 2006 15:40 schrieb ext Lars Wilke: > Well, at least in Debian and ScientificLinux OpenAFS is available. > For others i don't know. Gentoo has ebuilds as well. > That seems to be whole reason. Once i have read that there was a plan > to create a kernel module which could have a compatible license, > so the kernel module could be included in the mainline kernel, > but never heard of that idea again. Well, it exists and it comes with the kernel.org sources since a long time now. However, it's far from usable. Read Documentation/filesystems/afs.txt from a recent kernel for details. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgp1Eh0VWYoQj.pgp Description: PGP signature
Re: [OpenAFS] OpenAFS vs NFSv4 (linux)
Am Dienstag, 15. August 2006 16:21 schrieb ext David Werner: > own work to get it running. So I now have to argue against my > colleagues which say with every patched version of kernel one has to > build up afs again, which seems to be true. It's not. The only thing you (may) have to rebuild is the kernel module. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgp7ezEYeWDOS.pgp Description: PGP signature
Re: [OpenAFS] Questions about OpenAFS "reality"
Am Dienstag, 13. Dezember 2005 13:20 schrieb ext Leroy Tennison: > Is there a Linux GUI for day-to-day administration? AFAIK not. > What is the status of server-side byte-range locking? If this isn't a > near-term reality what alternatives do people use (SQL server is > obviously a possibility, are there other alternatives for "MS Access" > style databases and other byte-range locking needs)? Could you clarify this? Do you mean SQL Server as alternative to AFS or to MS Access stored in AFS? > What are people doing for printing, particularly Windows printing? I don't get the point. How is printing related to AFS? Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpEGVVBamQEu.pgp Description: PGP signature
Re: [OpenAFS] openafs and Kerberos
Am Mittwoch, 23. November 2005 16:09 schrieb ext Dr A V Le Blanc: > (1) It won't allow a user whose home directory is in AFS to > authenticate using ssh keys, even if he has Kerberos > tickets to transfer. Should work if the ssh key is stored in LDAP. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpymH9B4go8m.pgp Description: PGP signature
[OpenAFS] 2 simple questions
Hi, I have two questions regarding AFS administration best practices: 1) For users home directories in AFS, is it save to remove system:administrators from the ACLs (the users have rlidwka on their $HOME)? 2) I currently have /afs and /afs/ owned by root:root, but i.e. /afs//data is owned by afsadm:afs (150:150), afsadm being a member of system:administrators. Is it ok to have /afs (the volume, not the mount point) and /afs/ be owned by afsadm:afs? Thanx... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpBoPb6HE6KV.pgp Description: PGP signature
Re: [OpenAFS] debian, login, pam.d, home on afs and aklog
Am Freitag, 9. September 2005 13:16 schrieb ext Sergio Gelato: > Haven't tried recent Red Hat pam_krb5 (2.x) yet. That's the one that I use on Gentoo, works fine. > > Anyone knows a easy way for users to get tokens on login? Try latest pam_krb5 from RH/Fedora. The pre 2.x versions can't get tokens from krb5 tickets. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpPjUPactTzb.pgp Description: PGP signature
Re: [OpenAFS] Linux: Problem compiling 1.3.85 kernel module with 2.6.13
Am Mittwoch, 31. August 2005 17:37 schrieb ext Derrick J Brashear: > So openafs-announce is chopped meat? Oops, forgot to subscribe, shame on me ;-) Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpk17XYfBk9Z.pgp Description: PGP signature
Re: [OpenAFS] Linux: Problem compiling 1.3.85 kernel module with 2.6.13
Am Mittwoch, 31. August 2005 16:00 schrieb ext Derrick J Brashear: > On Wed, 31 Aug 2005, Dirk Heinrichs wrote: > > Hi, > > > > when compiling 1.3.85 against linux 2.6.13, I get this error: > > When I drive my old car, the muffler sometimes falls off. I gave up and > started driving the new one. Yep, you're right. Unfortunately the new one hasn't been advertised, yet (at least not on the release page, where 1.3.87 is latest), so I didn't even know it exists :-) However, already found 1.4.0-rc2 on dl.openafs.org and it seems to work. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpnyJfNEbh5D.pgp Description: PGP signature
[OpenAFS] Linux: Problem compiling 1.3.85 kernel module with 2.6.13
Hi, when compiling 1.3.85 against linux 2.6.13, I get this error: CC [M] /gentoo/build/portage/openafs-kernel-1.3.85/work/openafs-1.3.85/src/libafs/MODLOAD-2.6.13-SP/osi_sleep.o /gentoo/build/portage/openafs-kernel-1.3.85/work/openafs-1.3.85/src/libafs/MODLOAD-2.6.13-SP/osi_sleep.c: In function `afs_osi_SleepSig': /gentoo/build/portage/openafs-kernel-1.3.85/work/openafs-1.3.85/src/libafs/MODLOAD-2.6.13-SP/osi_sleep.c:197: error: too many arguments to function `refrigerator' /gentoo/build/portage/openafs-kernel-1.3.85/work/openafs-1.3.85/src/libafs/MODLOAD-2.6.13-SP/osi_sleep.c: In function `osi_TimedSleep': /gentoo/build/portage/openafs-kernel-1.3.85/work/openafs-1.3.85/src/libafs/MODLOAD-2.6.13-SP/osi_sleep.c:279: error: too many arguments to function `refrigerator' make[6]: *** [/gentoo/build/portage/openafs-kernel-1.3.85/work/openafs-1.3.85/src/libafs/MODLOAD-2.6.13-SP/osi_sleep.o] Error 1 make[5]: *** [_module_/gentoo/build/portage/openafs-kernel-1.3.85/work/openafs-1.3.85/src/libafs/MODLOAD-2.6.13-SP] Error 2 make[5]: Leaving directory `/usr/src/linux-2.6.13' make[4]: *** [libafs.ko] Error 2 make[4]: Leaving directory `/gentoo/build/portage/openafs-kernel-1.3.85/work/openafs-1.3.85/src/libafs/MODLOAD-2.6.13-SP' Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpOR7fokE1F2.pgp Description: PGP signature
Re: [OpenAFS] [FOR TESTING] OpenAFS 1.4.0-rc1 RPMs for RHEL4 (i386, x86_64)
Am Montag, 22. August 2005 23:28 schrieb ext Christopher Allen Wing: > Note that the pam_krb5 module in RHEL4 is defective. It will not obtain > AFS tokens if -dynroot is enabled (which is the default in OpenAFS 1.4); > it also may not obtain tokens if you have more than 1 AFS server. I have > entered bug reports and patches in bugzilla but Red Hat has not acted > upon any of them. In the mean time you can download fixed pam_krb5 RPMs > for i386 and x86_64 from here: > > > http://www-personal.engin.umich.edu/~wingc/openafs/pam_krb5/2.1.2-1.fixed Did you test 2.1.8-2 from http://download.fedora.redhat.com/pub/fedora/linux/core/development/SRPMS/ ? Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgp5y3V7Sdjvl.pgp Description: PGP signature
[OpenAFS] Re: Problem starting 1.3.8[56] client on Linux 2.6.12.3
Am Dienstag, 9. August 2005 09:01 schrieben Sie: > Hi, > > I'm trying to setup a test cell on a Gentoo Linux Laptop using kernel > 2.6.12.3, MIT KerberosV 1.4.1, and OpenAFS 1.3.86. Kerberos is working > fine. > > I also followed Tracy Di Marco's paper (with changes where appropriate Correction: I used the DFN Cert OpenAFS Bulletin [1] (german), not the slides. > for Linux/MIT KrbV). When it comes to starting the client, I get the > following error message: > > afsd: Can't mount AFS on /afs(22) > > I allready asked Google and found that it may be a problem with other > modules, so I strace'd afsd (see attached file) and found lots of lines > of the form: > > 6228 open("/proc/fs/openafs/afs_ioctl", O_RDWR) = 3 > 6228 ioctl(3, CAPI_REGISTER or SNDCTL_COPR_LOAD, 0xbfd2b550) = 22 > 6228 close(3) = 0 > > I also tried rebooting the machine without any capi or snd* modules > loaded, but that didn't help. Bye... Dirk [1]: http://www.dfn-cert.de/infoserv/dib/dib-2002-03-OpenAFS/index.html -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpvM9CPODsqi.pgp Description: PGP signature
Re: [OpenAFS] File searching in openafs space
Am Montag, 20. Juni 2005 08:49 schrieb ext Christophe BERNARD: > I was wondering if there exists a tool like slocate which can run on > openafs partitions. In most standard installations of slocate, indexing any network filesystems is just switched off in the configuration file. Just edit /etc/updatedb.conf and remove "afs" from the PRUNEFS variable, then run updatedb. However, it may be a good idea to recompile slocate so that it puts it's database into AFS. This way, updatedb can be run on one machine, but the database can be accessed from all clients. HTH... Dirk -- Dirk Heinrichs | Tel: +49 (0)162 234 3408 Configuration Manager | Fax: +49 (0)211 47068 111 Capgemini Deutschland | Mail: [EMAIL PROTECTED] Hambornerstraße 55 | Web: http://www.capgemini.com D-40472 Düsseldorf | ICQ#: 110037733 GPG Public Key C2E467BB | Keyserver: www.keyserver.net pgpmVmIXdZ29C.pgp Description: PGP signature
[OpenAFS] OAFS performance on diskless clients
Hello, I wonder what would be the minimum requirements for a network based on OAFS Servers and diskless clients with a user base >100. Would a 10 MBit network be sufficient, or better go for 100MBit. Any suggestions? Thanx... Dirk -- Dirk Heinrichs | Tel: +49 (0)241 413 260 Configuration Manager | Fax: +49 (0)241 413 2640 QIS Systemhaus GmbH | Mail: [EMAIL PROTECTED] Juelicher Str. 338 | Web: http://www.qis-systemhaus.de D-52070 Aachen | ICQ#: 110037733 ___ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] questions on AFS
On Wed, 5 Dec 2001, Srinivas, Mohan wrote: > Hi everybody, > can any one explain these questions? > > 1) Does AFS supports file level migration? If not what > is the reason? Just curious, what is "file level migration"? Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)241 413 260 Configuration Manager | Fax: +49 (0)241 413 2640 QIS Systemhaus GmbH | Mail: [EMAIL PROTECTED] Juelicher Str. 338 | Web: http://www.qis-systemhaus.de D-52070 Aachen | ICQ#: 110037733 ___ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Q: Diskless Clients
David Thompson wrote: > > Dirk Heinrichs wrote: > >I wrote: > >> > >> Hi there, > >> > >> is it possible to operate AFS clients totally diskless? > >Hmm, I think I found the answer myself: > >The cache manager can be configured to use a memory cache instead of a > >disc cache, so it should be possible to setup a diskless client which > >mounts a small root fs from an NFS machine and have the rest on AFS. > > Yeah, but the memory cache sucks big time. What do you means with this? Normally, on a diskless workstation, there is only one user doing his work (even if it is a Unix machine), like on every usual desktop pc. So with sufficient amount of RAM in the client machine, a memory cache of about 10MB should be ok. And normally, should speed things up, compared to disk-based cache. > Depending on the architecture, you may be better off mounting a > RAM-based file system and using the disk-cache mechanism. It's sick, > but you will probably do better with that than with the memory cache. RAM based filesystem is ok (NFS mounted root was just an example), but with a disk based cache, I don't have a diskless workstation anymore. So I could also boot from that disk. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)241 413 260 QIS Systemhaus GmbH | Fax: +49 (0)241 413 2640 Jülicher Str. 338b | Mail: [EMAIL PROTECTED] D-52070 Aachen | Web: http://www.qis-systemhaus.de ___ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo.cgi/openafs-info
Re: [OpenAFS] Q: Diskless Clients
I wrote: > > Hi there, > > is it possible to operate AFS clients totally diskless? Hmm, I think I found the answer myself: The cache manager can be configured to use a memory cache instead of a disc cache, so it should be possible to setup a diskless client which mounts a small root fs from an NFS machine and have the rest on AFS. Bye... Dirk -- Dirk Heinrichs | Tel: +49 (0)241 413 260 QIS Systemhaus GmbH | Fax: +49 (0)241 413 2640 Jülicher Str. 338b | Mail: [EMAIL PROTECTED] D-52070 Aachen | Web: http://www.qis-systemhaus.de ___ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo.cgi/openafs-info
[OpenAFS] Q: Diskless Clients
Hi there, is it possible to operate AFS clients totally diskless? Thanx... Dirk -- Dirk Heinrichs | Tel: +49 (0)241 413 260 QIS Systemhaus GmbH | Fax: +49 (0)241 413 2640 Jülicher Str. 338b | Mail: [EMAIL PROTECTED] D-52070 Aachen | Web: http://www.qis-systemhaus.de ___ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo.cgi/openafs-info