[OpenAFS] Mac OS X 10.6.x: Appropriate Firewall Settings for OpenAFS Client

Derrick Brashear shadow@gmail.com
Thu, 21 Jul 2011 17:32:54 -0400

On Thu, Jul 21, 2011 at 5:31 PM, Sergio Gelato
<Sergio.Gelato@astro.su.se> wrote:
> * Derrick Brashear [2011-07-21 09:55:51 -0400]:
>> On Thu, Jul 21, 2011 at 9:43 AM, Sergio Gelato
>> <Sergio.Gelato@astro.su.se> wrote:
>> > Has anyone succeeded in making OpenAFS work with the Application Firewall
>> > in Mac OS X? I've just tried with OpenAFS 1.6.0pre7 on a 10.6.8 system,
>> > adding /usr/sbin/afsd to the list of applications allowed to accept incoming
>> > connections, and I still can't connect to 7001/udp with rxdebug. The only way
>> > I was able to get a response on that port was by turning off the application
>> > firewall entirely.
>> after "automatically allow signed..." (in Advanced) was enabled, it
>> "just works" for me, and i have appfw on at all times.
> Thank you for your answer. It still doesn't work for me, even after
> enabling "automatically allow signed...". I must be missing something.
> What certificate authority are the OpenAFS builds signed with? Do I
> need to fiddle with certificate trust settings?

ad-hoc, at install time.

you can redo:
sudo codesign -s - /usr/sbin/afsd

> This is a fresh installation of Snow Leopard, by the way: zeroed out the
> hard disk, installed from DVD, added Rosetta and Xcode from said DVD,
> ran softwareupdate, installed OpenAFS 1.6.0pre7; nothing else.