[OpenAFS] Re: OpenAFS 1.4.2 on latest FC5 kernel
David Howells
dhowells@redhat.com
Thu, 26 Oct 2006 16:14:25 +0100
Okay... You should be able to use the attached script to quickly set up an
OpenAFS server for either the standard OpenAFS RPMs or Axel's OpenAFS RPMs.
Note I say "should".... On x86_64, the "fs" program SEGV's:
+ fs setacl /afs system:anyuser rl
fs:'/afs'/tmp/do-afs-admin-9629.sh: line 6: 9802 Segmentation fault fs setacl /afs system:anyuser rl
The same problem happens with the standard OpenAFS RPMs for FC5 recompiled for
x86_64. I'll try attaching gdb to it when I've reinstalled my test box
(accidentally deleting /var/lib is not to be considered a good idea).
David
---
#!/bin/sh
#
# OpenAFS setup script
#
#
# Before running this script, do the following:
#
# - create a user called "admin" and stick their password in below
# - create, format and mount a fresh partition to use as the AFS root store.
# (mount it on /vicepa)
# - decide on appropriate MYCELL and MYSERVER names
# - point RPMDIR, RPMVER and DOCDIR at the appropriate place
#
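# ---------------------------------------------------------------------------
# Site configuration. Every value below can be overridden from the
# environment of the invoking shell.
# ---------------------------------------------------------------------------
MYCELL=${MYCELL:-$(domainname)}
# Short cell nickname: the cell name up to (not including) its first dot.
# Done with parameter expansion so the value is never word-split or globbed.
MYCELLSHORT=${MYCELL%%.*}
MYSERVER=${MYSERVER:-$(hostname)}

# SECURITY: the two fallback passwords are sample values that ship inside
# this script, so anyone who has seen the script knows them. They are kept
# only so existing invocations keep working; a cell that is reachable by
# other machines should always be built with AFSPASSWD and ADMINPASSWD
# supplied by the operator. The warnings never print the password itself.
if [ -z "${AFSPASSWD:-}" ]; then
  echo 'WARNING: AFSPASSWD not set; using the sample password built into this script.' >&2
  AFSPASSWD=rhubarb1
fi
if [ -z "${ADMINPASSWD:-}" ]; then
  echo 'WARNING: ADMINPASSWD not set; using the sample password built into this script.' >&2
  ADMINPASSWD=custard2
fi

ROOTAFSPARTITION=${ROOTAFSPARTITION:-/vicepa}
ARCH=${ARCH:-x86_64}
AFSVER=${AFSVER:-1.4.2}
RPMVER=${RPMVER:-$AFSVER-1.1}
RPMDIR=${RPMDIR:-/usr/src/redhat/RPMS/$ARCH}
DOCDIR=${DOCDIR:-/usr/share/doc/openafs-$AFSVER}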
###################################################################################################
#
# Do it!
#
###################################################################################################
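# Pre-flight checks: the script must run as root and accepts no arguments.
#
# The uid is quoted so that an empty or failing "id -u" is treated as
# "not root" (fail closed). Unquoted, an empty result turns the test into a
# syntax error, the condition counts as false, and the script carries on.
if [ "$(id -u)" != 0 ]; then
  echo "Please run this script as root!" >&2
  exit 2
fi

if [ "$#" -ne 0 ]; then
  echo 'No parameters required!' >&2
  exit 2
fi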
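# Make sure a local "admin" account exists; offer to create it if not.
#
# Only /etc/passwd is consulted, as before, so an "admin" that comes from
# another name service is not detected here.
if ! grep -q '^admin:' /etc/passwd 2>/dev/null; then
  printf 'Add an "admin" user to the system? [Y/N] '
  read -r x
  case $x in
    y | Y) ;;
    *)
      echo 'Please add an "admin" user first!' >&2
      exit 2
      ;;
  esac

  if [ -z "$ADMINPASSWD" ]; then
    printf 'Please enter the password to use: '
    # Do not echo the password while it is typed; make sure echo comes
    # back even if the operator aborts with Ctrl-C.
    trap 'stty echo 2>/dev/null; exit 130' INT
    stty -echo 2>/dev/null
    read -r ADMINPASSWD
    stty echo 2>/dev/null
    trap - INT
    echo
    if [ -z "$ADMINPASSWD" ]; then
      echo "No admin password was entered!" >&2
      exit 2
    fi
  fi

  echo "Adding \"admin\"..."
  # useradd(8) documents -p as taking an already-encrypted value, so passing
  # the clear-text password there stored the secret verbatim in the shadow
  # file and exposed it in the process list, without yielding a usable
  # login password. The account is therefore created without a local
  # password: root can still "su admin", and ADMINPASSWD remains the AFS
  # password for the admin principal. Run passwd(1) afterwards if a local
  # login password is wanted.
  useradd -s /bin/bash -c "AFS Administrator" admin || exit 1
fi

# Root must be able to run commands as admin; the admin-side part of the
# setup depends on it.
if ! su admin -c /bin/true; then
  echo "Can't run programs as the \"admin\" user!" >&2
  exit 2
fi

ADMINUID=$(id -u admin)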
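# Show the effective configuration and wait for confirmation.
#
# Passwords are reported only as set / not set: the summary ends up in
# terminal scrollback and in any captured install log, neither of which is
# a safe place for the cell's credentials.
if [ -n "$AFSPASSWD" ]; then
  afs_pw_state='(set, not shown)'
else
  afs_pw_state='(not set)'
fi
if [ -n "$ADMINPASSWD" ]; then
  admin_pw_state='(set, not shown)'
else
  admin_pw_state='(not set)'
fi

cat <<EOF
===============================================================================
Cell : $MYCELL
Cell nickname : $MYCELLSHORT
This server : $MYSERVER
AFS user password : $afs_pw_state
Admin user : admin
Admin user UID : $ADMINUID
Admin user password : $admin_pw_state
Root AFS partition : $ROOTAFSPARTITION
OpenAFS RPM Directory : $RPMDIR
OpenAFS RPM Version : $RPMVER
Documentation Directory : $DOCDIR
===============================================================================
EOF

# printf rather than "echo -n": the latter is not portable under /bin/sh.
printf 'Press enter to install or Ctrl-C to abort '
read -r x
echo Installing...

# From here on every command is traced to stderr. Anything expanded on a
# traced command line, secrets included, is written there, so treat a
# captured trace as sensitive.
set -x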
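# Mount point for the AFS client.
mkdir -p /afs || exit 1

#
# Precreate an AFS cell DB
#

#
# install the OpenAFS packages
#
# (disabled; if re-enabled, quote the variables and consider checking the
# package signatures first, e.g. with "rpm -K", since these are locally
# built or third-party RPMs)
#rpm -ivh $RPMDIR/openafs-$RPMVER.$ARCH.rpm || exit 1
#rpm -ivh $RPMDIR/openafs-docs-$RPMVER.$ARCH.rpm || exit 1
#rpm -ivh $RPMDIR/openafs-kernel-$AFSVER*.$ARCH.rpm || exit 1
#rpm -ivh $RPMDIR/openafs-client-$RPMVER.$ARCH.rpm || exit 1
#rpm -ivh $RPMDIR/openafs-server-$RPMVER.$ARCH.rpm || exit 1

#
# find where things are
#
# SBINDIR: directory holding bosserver.
if [ -x /usr/afs/bin/bosserver ]; then
  SBINDIR=/usr/afs/bin
elif [ -x /usr/sbin/bosserver ]; then
  SBINDIR=/usr/sbin
else
  echo "Can't find bosserver" >&2
  exit 2
fi

# EXECDIR: directory holding the server daemons, located via volserver.
if [ -x /usr/afs/bin/volserver ]; then
  EXECDIR=/usr/afs/bin
elif [ -x /usr/sbin/volserver ]; then
  EXECDIR=/usr/sbin
elif [ -x /usr/libexec/openafs/volserver ]; then
  EXECDIR=/usr/libexec/openafs
else
  # The message used to name bosserver here, which sent the operator
  # looking for the wrong binary.
  echo "Can't find volserver" >&2
  exit 2
fi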
# Locate the server-side configuration directory: first existing candidate
# wins, in the order listed.
AFSETCDIR=
for candidate in /usr/afs/etc /etc/openafs/server; do
  if [ -d "$candidate" ]; then
    AFSETCDIR=$candidate
    break
  fi
done
if [ -z "$AFSETCDIR" ]; then
  echo "Can't find AFS server etc dir" >&2
  exit 2
fi

# Same search for the client-side configuration directory.
VICEETCDIR=
for candidate in /usr/vice/etc /etc/openafs; do
  if [ -d "$candidate" ]; then
    VICEETCDIR=$candidate
    break
  fi
done
if [ -z "$VICEETCDIR" ]; then
  echo "Can't find AFS client etc dir" >&2
  exit 2
fi

# Report the layout that was detected.
cat <<EOF
===============================================================================
AFS Server Progs : $SBINDIR
AFS Server Daemons : $EXECDIR
AFS Server Config : $AFSETCDIR
AFS Client Config : $VICEETCDIR
===============================================================================
EOF
#
# Getting Started on Linux Systems
#
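# Remember whether command tracing (set -x) is active, so it can be
# suspended around the commands that carry a password and restored
# afterwards. Without this every password ends up in the trace on stderr.
case $- in
  *x*) trace_was_on=1 ;;
  *) trace_was_on=0 ;;
esac
secrets_begin() { set +x; }
secrets_end() { if [ "$trace_was_on" = 1 ]; then set -x; fi; }

service openafs-server start || exit 1
# Presumably stops the bosserver started by the init script so that it can
# be started by hand with -noauth below.
killall bosserver

#
# Starting the BOS Server
#
# SECURITY: -noauth turns authorization checking off for the bootstrap.
# While the server runs this way, every client that can reach it can issue
# administrative commands, so do this on an isolated or firewalled host.
# NOTE(review): confirm on the target release that authorization checking
# is enforced again after the restart at the end of this section.
"$SBINDIR/bosserver" -noauth || exit 1

#
# Defining Cell Name and Membership for Server Processes
#
bos setcellname -server "$MYSERVER" -name "$MYCELL" -noauth || exit 1
cp -f "$AFSETCDIR/ThisCell" "$VICEETCDIR/ThisCell" || exit 1
cat "$AFSETCDIR/CellServDB" >"$VICEETCDIR/CellServDB.local" || exit 1
# Appended, not replaced: entries already in the client CellServDB are kept.
cat "$AFSETCDIR/CellServDB" >>"$VICEETCDIR/CellServDB" || exit 1
bos listhosts "$MYSERVER" "$MYCELL" -noauth || exit 1

#
# Starting the Database Server Processes
#
bos create "$MYSERVER" kaserver simple "$EXECDIR/kaserver" -cell "$MYCELL" -noauth || exit 1
bos create "$MYSERVER" buserver simple "$EXECDIR/buserver" -cell "$MYCELL" -noauth || exit 1
bos create "$MYSERVER" ptserver simple "$EXECDIR/ptserver" -cell "$MYCELL" -noauth || exit 1
bos create "$MYSERVER" vlserver simple "$EXECDIR/vlserver" -cell "$MYCELL" -noauth || exit 1

#
# Initializing Cell Security
#
# Each password is fed twice on stdin (entry plus confirmation). printf with
# a fixed format passes the password through unchanged whatever characters
# it contains, and being a shell builtin keeps it out of the process list.
secrets_begin
printf '%s\n%s\n' "$AFSPASSWD" "$AFSPASSWD" | kas create afs -cell "$MYCELL" -noauth || exit 1
printf '%s\n%s\n' "$ADMINPASSWD" "$ADMINPASSWD" | kas create admin -cell "$MYCELL" -noauth || exit 1
secrets_end
kas examine afs -cell "$MYCELL" -noauth || exit 1
kas setfields admin -flags admin -cell "$MYCELL" -noauth || exit 1
kas examine admin -cell "$MYCELL" -noauth || exit 1
bos adduser "$MYSERVER" admin -cell "$MYCELL" -noauth || exit 1
secrets_begin
printf '%s\n%s\n' "$AFSPASSWD" "$AFSPASSWD" | bos addkey "$MYSERVER" -kvno 0 -cell "$MYCELL" -noauth || exit 1
secrets_end
bos listkeys "$MYSERVER" -noauth -cell "$MYCELL" || exit 1
pts createuser -name admin -cell "$MYCELL" -id "$ADMINUID" -noauth || exit 1
pts adduser admin system:administrators -cell "$MYCELL" -noauth || exit 1
# NOTE(review): unlike its neighbours this call passes neither -cell nor
# -noauth; confirm that is intended.
pts examine admin || exit 1
pts membership admin -cell "$MYCELL" -noauth || exit 1
bos restart "$MYSERVER" -all -cell "$MYCELL" -noauth || exit 1

#
# Starting the File Server, Volume Server, and Salvager
#
bos create "$MYSERVER" fs fs "$EXECDIR/fileserver" "$EXECDIR/volserver" "$EXECDIR/salvager" -cell "$MYCELL" -noauth || exit 1
bos status "$MYSERVER" fs -long -noauth || exit 1
vos create "$MYSERVER" "$ROOTAFSPARTITION" root.afs -cell "$MYCELL" -noauth || exit 1
vos syncvldb "$MYSERVER" -cell "$MYCELL" -verbose -noauth || exit 1
vos syncserv "$MYSERVER" -cell "$MYCELL" -verbose -noauth || exit 1

#
# Starting the Server Portion of the Update Server
#
# The whole upserver command line is one argument to bos create.
bos create "$MYSERVER" upserver simple "$EXECDIR/upserver -crypt $AFSETCDIR -clear $EXECDIR" -cell "$MYCELL" -noauth || exit 1

#
# Verifying the AFS Initialization Script
#
bos shutdown "$MYSERVER" -wait -noauth || exit 1
service openafs-server stop || exit 1
service openafs-server start || exit 1
bos status "$MYSERVER" -noauth || exit 1

#
# Now start the client
#
service openafs-client start || exit 1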
###############################################################################
#
# The next bit must be done as the admin user
#
###############################################################################
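# Build the admin-side script in a private temporary file.
#
# mktemp creates the file exclusively under an unpredictable name. A fixed
# /tmp/name-PID path written by root can be pre-created or symlinked by any
# local user, who could then clobber another file or alter what admin runs.
# The EXIT trap removes the file on every exit path, failures included.
ADMINSCRIPT=$(mktemp /tmp/do-afs-admin.XXXXXX) || exit 1
trap 'rm -f -- "$ADMINSCRIPT"' EXIT

# The here-document is expanded now, by root: the configuration values are
# written into the generated script as literal text. They must come from
# the operator, never from untrusted input. The admin password is
# deliberately NOT written into the file; klog reads it from stdin.
cat >"$ADMINSCRIPT" <<EOF || exit 1
#!/bin/sh -x
# The admin password arrives on standard input, supplied by the caller.
klog admin -pipe || exit 1
#
# Configuring the Top Levels of the AFS Filespace
#
fs setacl /afs system:anyuser rl || exit 1
vos create "$MYSERVER" "$ROOTAFSPARTITION" root.cell || exit 1
fs mkmount "/afs/$MYCELL" root.cell || exit 1
fs setacl "/afs/$MYCELL" system:anyuser rl || exit 1
cd /afs || exit 1
if [ "x$MYCELL" != "x$MYCELLSHORT" ]
then
  ln -s "$MYCELL" "$MYCELLSHORT" || exit 1
fi
cd "$SBINDIR"
fs mkmount "/afs/.$MYCELL" root.cell -rw || exit 1
vos addsite "$MYSERVER" "$ROOTAFSPARTITION" root.afs || exit 1
vos addsite "$MYSERVER" "$ROOTAFSPARTITION" root.cell || exit 1
fs examine /afs || exit 1
fs examine "/afs/$MYCELL" || exit 1
vos release root.afs || exit 1
vos release root.cell || exit 1
fs checkvolumes || exit 1
fs examine /afs || exit 1
fs examine "/afs/$MYCELL" || exit 1
#
# Storing AFS Documents in AFS
#
vos create "$MYSERVER" "$ROOTAFSPARTITION" afsdoc -maxquota 0 || exit 1
fs mkmount -dir "/afs/.$MYCELL/afsdoc" -vol afsdoc || exit 1
vos release root.cell || exit 1
fs checkvolumes || exit 1
# Stop if the directory is missing, so that the ACL change and the copy
# below cannot land in whatever directory happened to be current.
cd "/afs/.$MYCELL/afsdoc" || exit 1
fs setacl . system:anyuser rl || exit 1
cp -rp "$DOCDIR"/* . || exit 1
EOF

# Only admin (and root) may read or run the generated script.
chown admin "$ADMINSCRIPT" || exit 1
chmod 700 "$ADMINSCRIPT" || exit 1

# Hand the password to klog through stdin. Tracing is suspended around the
# call so the password is not copied into the set -x output.
case $- in
  *x*) admin_trace=1 ;;
  *) admin_trace=0 ;;
esac
set +x
printf '%s\n' "$ADMINPASSWD" | su admin -c "$ADMINSCRIPT"
admin_rc=$?
if [ "$admin_trace" = 1 ]; then
  set -x
fi
[ "$admin_rc" -eq 0 ] || exit 1

rm -f -- "$ADMINSCRIPT" || exit 1
trap - EXIT

# Also, you may want to edit /etc/pam.d/login and
# possibly others there to get an AFS token on login.
# Put the line:
#
# auth sufficient /lib/security/pam_afs.so try_first_pass ignore_root
#
# before the one for pwdb.
exit 0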