[OpenAFS] newer version of aklog?
Michael Bartosh
mbartosh@mac.com
Mon, 19 Dec 2005 18:13:23 -0700
On Dec 19, 2005, at 6:07 PM, Michael Bartosh wrote:
> I htink suse 10.0 ships with an old aklog.
>
ack nevermind:
linux:/etc/openafs # rpm -qf /afs
openafs-client-1.3.85-3
It all looks rather old.
-mb
> I get as far as:
>
> linux:~ # aklog -d
> Authenticating to cell tigerserver.lan (server linux).
> We've deduced that we need to authenticate to realm TIGERSERVER.LAN.
> Getting tickets: afs/tigerserver.lan@TIGERSERVER.LAN
> Kerberos error code returned by get_cred: -1765328228
> aklog: Couldn't get tigerserver.lan AFS tickets:
> aklog: Cannot contact any KDC for requested realm while getting AFS
> tickets
> linux:~ # klist
> Ticket cache: FILE:/tmp/krb5cc_0
> Default principal: admin@TIGERSERVER.LAN
>
> but then the ticket looks right:
>
>
> Valid starting Expires Service principal
> 12/19/05 17:53:31 12/20/05 03:53:31 krbtgt/
> TIGERSERVER.LAN@TIGERSERVER.LAN
> renew until 12/20/05 17:53:38
> 12/19/05 17:53:49 12/20/05 03:53:31 afs/
> tigerserver.lan@TIGERSERVER.LAN
> renew until 12/20/05 17:53:38
>
>
> Kerberos 4 ticket cache: /tmp/tkt0
> klist: You have no tickets cached
>
>
> Finally, I see 524 traffic:
>
> 17:01:37.108772 IP xs0.tigerserver.lan > linux.tigerserver.lan:
> icmp 36: xs0.tigerserver.lan udp port krb524 unreachable
> 17:01:37.108918 IP linux.tigerserver.lan.netinfo-local >
> xs0.tigerserver.lan.krb524: UDP, length: 285
> 17:01:37.108933 IP xs0.tigerserver.lan > linux.tigerserver.lan:
> icmp 36: xs0.tigerserver.lan udp port krb524 unreachable
> 17:01:37.109068 IP linux.tigerserver.lan.activesync >
> xs0.tigerserver.lan.krb524: UDP, length: 285
> 17:01:37.109081 IP xs0.tigerserver.lan > linux.tigerserver.lan:
> icmp 36: xs0.tigerserver.lan udp port krb524 unreachable
> 17:01:37.109221 IP linux.tigerserver.lan.mxxrlogin >
> xs0.tigerserver.lan.krb524: UDP, length: 285
> 17:01:37.109234 IP xs0.tigerserver.lan > linux.tigerserver.lan:
> icmp 36: xs0.tigerserver.lan udp port krb524 unreachable
>
> I was under the impression we no longer needed 524.
>
> Am I correct in thinking this means my version of aklog is old? If
> so, what's the best way to fix this?
>
> Thanks-
>
>
>
>
>
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>