[OpenAFS] acl issue

Fabien COMBERNOUS fcombernous@kezia.com
Tue, 07 Jun 2011 15:01:43 +0200


Hi there,

I want to setup an openafs cell for some tests.
I'm using debian with package 1.4.12.1+dfsg-4.

I'm running the document available at the following adresse :
http://docs.openafs.org/QuickStartUnix

The following server services are running.
root      1990  0.0  0.3   4964  3684 ?        Ss   11:54   0:00 
/usr/sbin/bosserver
root      1991  0.0  0.4   6560  5112 ?        S    11:54   0:00 
/usr/lib/openafs/buserver
root      1992  0.0  0.5   7236  6032 ?        S    11:54   0:00 
/usr/lib/openafs/ptserver
root      1993  0.0  0.7   9436  7956 ?        S    11:54   0:00 
/usr/lib/openafs/vlserver
root      1994  0.0  0.7 172276  7292 ?        S<l  11:54   0:00 
/usr/lib/openafs/fileserver
root      1995  0.0  0.1 109860  1772 ?        Sl   11:54   0:00 
/usr/lib/openafs/volserver

All action are done on the server hosting server services and client 
services.

I'm at this end of the setup, i would like to do action described here :
http://docs.openafs.org/QuickStartUnix/ch02s28.html

When i run the command :

*/usr/afs/bin/fs setacl /afs system:anyuser rl

Because*  *afsd was running with -dynroot flag*, attempts to set the ACL on this directory returned*  Connection timed out*.

So i turned off the dynroot flag and restart the openafs client.

I created a user with ID 1000 as admin in the group 
system:administrators. With a token for this user, i get the following 
message :
fs setacl /afs system:anyuser rl
fs: You don't have the required access rights on '/afs'

The vos create command return :
Could not get an Id for volume test
    VLDB: no permission access for call
VLDB: no permission access for call
Error in vos create command.
VLDB: no permission access for call

I'm online on IRC known as FC34.

Regards,
-- 
*Fabien COMBERNOUS*
/unix system engineer/
www.kezia.com <http://www.kezia.com/>
*Tel: +33 (0) 467 992 986*
Kezia Group