On Fri, 2004-09-17 at 15:53, Derek Harkness wrote:
fs sa /afs system:anyuser rl -localauth
fs: Unrecognized or ambiguous switch '-localauth'; type 'fs help sa'
for detailed help
Post these:
pts listentries
pts membership your administrator
klist -f
tokens
--
Sensei mailto:[EMAIL PROTECTED]
On Fri, 2004-09-17 at 16:53, Derek Harkness wrote:
pts: Permission denied ; unable to list entries
aklog is working correctly. Now, few questions:
- output of asetkey list
- did you include the dharknes user in system:administrator at first?
- try to use again bosserver -noauth and then change
asetkey list returns the correct information verified against the
kerberos database.
I did include dharknes in the system:administrators. Actually dharknes
is the only user in the system since I'm just trying to do the initial
setup.
Okay started bosserver -noauth and did fs sa /afs
Actually, no, the -showmounts argument does not cause the fileserver to be
shut down. It's a read operation and makes no changes, so there's no need.
Many cells use it to build a mount point map.
Daily cron is fine. It'll spin the disks the vicep's are mounted on so if
you're fileservers are
Derek,
What does bos status server -long show? If you have separate
servers for DB and fileserver, do this for each.
The 'connection timed out' sounds like the fileserver isn't running for
some reason, root.afs wasn't really created, or you are mounting
root.afs of another cell. (i.e.
I have .doc format
Send it to you soon
You need some experience with Latex to know how to hack the sources, the
converter is stupid.
But there are no keystroke errors or font problems to deal with
ted
-Original Message-
From: Tommie Gannert [mailto:[EMAIL PROTECTED]
Sent: Friday,
--On Friday, September 17, 2004 10:53:12 -0400 Derek Harkness
[EMAIL PROTECTED] wrote:
klist -f
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [EMAIL PROTECTED]
Valid starting ExpiresService principal
09/17/04 10:47:55 09/17/04 20:47:54 krbtgt/[EMAIL PROTECTED]
Hi Dave,
I don't mind at all.
As root, from the command line, run:
# /usr/afs/bin/salvager -showmounts
to get a list of mount points in the SalvageLog for the server you're
running the command on.
Example:
[EMAIL PROTECTED] movies]# time /usr/afs/bin/salvager -showmounts
real0m11.824s
On Tue, 14 Sep 2004, ted creedon wrote:
So how do you intend to do the automatic table of contents, indexing,
justification and extraction by operating system type?
With XSL? ;) Actually, wouldn't it be possible to use embedded PHP to
generate contents...
Latex produces html..
To convert
* Maurizio Santini [2004-09-15 12:46:54 -0300]:
I've installed kerberos and got it work (I can get a ticket using kinit
or login from a terminal) but the problem is the AFS token that doesn't
get assigned.
Did you install MIT Kerberos or Heimdal?
Heimdal kinit has afslog support built-in (if
Thanks for all the help!!! This was the solution, only difference is
on debian it /etc/openafs/server/krb.conf instead of
/usr/afs/etc/krb.conf
Thanks again!
Derek
On Sep 17, 2004, at 1:55 PM, Chaskiel M Grundman wrote:
--On Friday, September 17, 2004 10:53:12 -0400 Derek Harkness
[EMAIL
Nice explanation of how PAM *should* work, with Kerberos and AFS.
You sited the patch I sent to OpenSSH. There where two. The have
sshd set the KRB5CCNAME into the pam_envlist so a pam_open_session
routine can use this to get an AFS token. Usefull if sshd
did the Kerberos authentication, or gssapi
I get the impression that the primary use of openafs is as a user storage
server, so far I have not received any feedback. Am I misunderstanding the
appropriate usage for openafs? :)
Another note about our setup, the cluster would be accessing openafs on a
read-only basis.
We don't have the
As a recent thread on the this list pointed out, there
are a lot of steps one must take to get AFS to work with
PAM and SSH. There are multiple versions of Kerberos to
contend with, as well as multiple versions of PAM routines,
that work with one or another versions of aklog, or afslogin.
These
I haven't got anything that builds the map. If anyone else does please
contribute if possible.
If you
cat concatenated output of salvage -showmounts | awk '{print
$6,$9,$NF}' | sed 's/[()]//g'
it will output a file with lines of the form
A
15 matches
Mail list logo