From somebody Thu Jan 01 00:00:00 UTC 1970 Received: from tuminfo2.informatik.tu-muenchen.de by penn.central.org id aa14045; 18 Apr 2001 17:18 EDT Received: from sunsystem4.informatik.tu-muenchen.de ([131.159.1.98] HELO sunsystem4.informatik.tu-muenchen.de ident: NO-IDENT-SERVICE [port 52358]) by tuminfo2.informatik.tu-muenchen.de with SMTP id <112646-12820>; Wed, 18 Apr 2001 23:18:11 +0000 Received: from lapbruegge17 (lapbruegge17.informatik.tu-muenchen.de [131.159.38.74]) by sunsystem4.informatik.tu-muenchen.de (Postfix) with ESMTP id 0E5EC510E for ; Wed, 18 Apr 2001 23:18:08 +0200 (MEST) Date: Wed, 18 Apr 2001 23:18:07 +0200 Content-Type: text/plain; format=flowed; charset=us-ascii Mime-Version: 1.0 (Apple Message framework v387) From: Martin Ott To: port-darwin@openafs.org X-Mailer: Apple Mail (2.387) Content-Transfer-Encoding: 7bit Message-Id: <20010418211808.0E5EC510E@sunsystem4.informatik.tu-muenchen.de> Subject: [OpenAFS-port-darwin] AFS Server on Mac OS X Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0rc1 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I just tried to setup an AFS server on Mac OS X. I downloaded and installed the OpenAFS package from homepage.mac.com/thomasv. Then I tried to setup an AFS server according to the IBM Quick Beginnings manual. Everything went fine till the creation of the first volume. The command: ./vos create /vicepa root.afs -cell -noauth returns following error: > Failed to create the volume root.afs 536870936 >: Input/output error >Error in vos create command. >: Input/output error /vicepa is a HFS+ partition. I have tried the same with /vicepb, my UFS partition but I receive the same error with an increased number. I think that AFS doesn't support both file systems, or I am wrong? If it doesn't support the two file systems will there be a workaround or what other platform do you recommend for setting up an AFS server that I can use with Mac OS X? Cheers, Martin Ott. From somebody Thu Jan 01 00:00:00 UTC 1970 Received: from FORT-POINT-STATION.MIT.EDU by penn.central.org id aa14102; 18 Apr 2001 17:35 EDT Received: from central-city-carrier-station.mit.edu (CENTRAL-CITY-CARRIER-STATION.MIT.EDU [18.7.21.75]) by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id RAA05744; Wed, 18 Apr 2001 17:35:08 -0400 (EDT) Received: from manawatu-mail-centre.mit.edu (MANAWATU-MAIL-CENTRE.MIT.EDU [18.7.21.85]) by central-city-carrier-station.mit.edu (8.9.2/8.9.2) with ESMTP id RAA19467; Wed, 18 Apr 2001 17:35:08 -0400 (EDT) Received: from ssen.mit.edu (SSEN.MIT.EDU [18.245.1.241]) by manawatu-mail-centre.mit.edu (8.9.2/8.9.2) with ESMTP id RAA12705; Wed, 18 Apr 2001 17:34:56 -0400 (EDT) Received: from ssen.mit.edu (ssen@localhost) by ssen.mit.edu (8.11.0/8.11.0) with ESMTP id f3ILYq128530; Wed, 18 Apr 2001 17:34:56 -0400 Message-Id: <200104182134.f3ILYq128530@ssen.mit.edu> To: Martin Ott cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] AFS Server on Mac OS X In-Reply-To: Message from Martin Ott of "Wed, 18 Apr 2001 23:18:07 +0200." <20010418211808.0E5EC510E@sunsystem4.informatik.tu-muenchen.de> Date: Wed, 18 Apr 2001 17:34:52 -0400 From: Shantonu Sen Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0rc1 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Martin Ott writes: >I think that AFS doesn't support both file systems, or I am wrong? If it >doesn't support the two file systems will there be a workaround or what >other platform do you recommend for setting up an AFS server that I can >use with Mac OS X? You might have better luck with Solaris or Linux as an AFS server (moreso Solaris). If you only have Mac's, the ppc linux server might work too. Shantonu *-------------------------------------------* |Shantonu Sen * (617)225-7269 * ssen@mit.edu| |Electrical Engineering and Computer Science| |Massachusetts Institute of Technology, 2002| *-------------------------------------------* From somebody Thu Jan 01 00:00:00 UTC 1970 Received: from mail-out2.apple.com by penn.central.org id aa14166; 18 Apr 2001 17:50 EDT Received: from apple.com (A17-129-100-225.apple.com [17.129.100.225]) by mail-out2.apple.com (8.9.3/8.9.3) with ESMTP id OAA18819 for ; Wed, 18 Apr 2001 14:50:07 -0700 (PDT) Received: from scv1.apple.com (scv1.apple.com) by apple.com (Content Technologies SMTPRS 4.2.1) with ESMTP id for ; Wed, 18 Apr 2001 14:50:06 -0700 Received: from [17.216.26.10] (vg0602c-dhcp10.apple.com [17.216.26.10]) by scv1.apple.com (8.9.3/8.9.3) with ESMTP id OAA16586 for ; Wed, 18 Apr 2001 14:50:06 -0700 (PDT) User-Agent: Microsoft-Entourage/9.0.2509 Date: Wed, 18 Apr 2001 14:50:09 -0700 Subject: Re: [OpenAFS-port-darwin] AFS Server on Mac OS X From: Thomas Vincent To: Message-ID: In-Reply-To: <20010418211808.0E5EC510E@sunsystem4.informatik.tu-muenchen.de> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0rc1 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: The server portion of AFS on OS X is not complete. You will have to talk to Chaskiel about when it will be ready. http://homepage.mac.com/thomasv contains the binary Chaskiel at CMU created. The page is meant for remote Apple employee's wishing to test AFS. Though anyone wishing to use the installer can. There is nothing special about it. Cheers, Thomas Vincent Apple IS&T Owner of http://homepage.mac.com/thomasv on 4/18/01 2:18 PM, Martin Ott at ott@informatik.tu-muenchen.de wrote: > I just tried to setup an AFS server on Mac OS X. I downloaded and > installed the OpenAFS package from homepage.mac.com/thomasv. Then I > tried to setup an AFS server according to the IBM Quick Beginnings > manual. Everything went fine till the creation of the first volume. > > The command: ./vos create /vicepa root.afs -cell > -noauth > returns following error: >> Failed to create the volume root.afs 536870936 >> : Input/output error >> Error in vos create command. >> : Input/output error > > /vicepa is a HFS+ partition. I have tried the same with /vicepb, my UFS > partition but I receive the same error with an increased number. > > I think that AFS doesn't support both file systems, or I am wrong? If it > doesn't support the two file systems will there be a workaround or what > other platform do you recommend for setting up an AFS server that I can > use with Mac OS X? > > Cheers, Martin Ott. > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo.cgi/port-darwin > From somebody Thu Jan 01 00:00:00 UTC 1970 Received: from tuminfo2.informatik.tu-muenchen.de by penn.central.org id aa13987; 18 Apr 2001 16:55 EDT Received: from sunsystem4.informatik.tu-muenchen.de ([131.159.1.98] HELO sunsystem4.informatik.tu-muenchen.de ident: NO-IDENT-SERVICE [port 52032]) by tuminfo2.informatik.tu-muenchen.de with SMTP id <112630-12820>; Wed, 18 Apr 2001 22:55:17 +0000 Received: from lapbruegge17 (lapbruegge17.informatik.tu-muenchen.de [131.159.38.74]) by sunsystem4.informatik.tu-muenchen.de (Postfix) with ESMTP id 167A7510E for ; Wed, 18 Apr 2001 22:55:16 +0200 (MEST) Date: Wed, 18 Apr 2001 22:55:15 +0200 Content-Type: text/plain; format=flowed; charset=us-ascii Mime-Version: 1.0 (Apple Message framework v387) From: Martin Ott To: port-darwin@openafs.org X-Mailer: Apple Mail (2.387) Content-Transfer-Encoding: 7bit Message-Id: <20010418205516.167A7510E@sunsystem4.informatik.tu-muenchen.de> Subject: [OpenAFS-port-darwin] AFS Server on Mac OS X Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0rc1 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I just tried to setup an AFS server on Mac OS X. I downloaded and installed the OpenAFS package from homepage.mac.com/thomasv. Then I tried to setup an AFS server according to the IBM Quick Beginnings manual. Everything went fine till the creation of the first volume. The command: ./vos create /vicepa root.afs -cell -noauth returns following error: > Failed to create the volume root.afs 536870936 >: Input/output error >Error in vos create command. >: Input/output error /vicepa is a HFS+ partition. I have tried the same with /vicepb, my UFS partition but I receive the same error with an increased number. I think that AFS doesn't support both file systems, or I am wrong? If it doesn't support the two file systems will there be a workaround or what other platform do you recommend for setting up an AFS server that I can use with Mac OS X? Cheers, Martin Ott. From somebody Thu Jan 01 00:00:00 UTC 1970 Received: from GRAND.CENTRAL.ORG by penn.central.org id aa23192; 3 May 2001 18:36 EDT Received: by grand.central.org (Postfix) id 1E2A89CE9; Thu, 3 May 2001 18:38:32 -0400 (EDT) Delivered-To: port-darwin@openafs.org Received: from ex1.ncsa.uiuc.edu (ex1.ncsa.uiuc.edu [141.142.2.9]) by grand.central.org (Postfix) with ESMTP id DCE399CC4 for ; Thu, 3 May 2001 18:38:31 -0400 (EDT) Received: from mx1.ncsa.uiuc.edu (mx1.ncsa.uiuc.edu [141.142.2.8]) by ex1.ncsa.uiuc.edu (8.11.0/8.11.0) with ESMTP id f43MaEO16787 for ; Thu, 3 May 2001 17:36:14 -0500 (CDT) X-Envelope-From: melliott@ncsa.uiuc.edu X-Envelope-To: Received: from [141.142.22.21] (speed.ncsa.uiuc.edu [141.142.22.21]) by mx1.ncsa.uiuc.edu (8.11.0/8.11.0) with ESMTP id f43MaCY13386 for ; Thu, 3 May 2001 17:36:13 -0500 (CDT) Mime-Version: 1.0 X-Sender: melliott@pop.ncsa.uiuc.edu Message-Id: Date: Thu, 3 May 2001 17:32:51 -0500 To: port-darwin@openafs.org From: Matt Elliott Content-Type: text/plain; charset="us-ascii" Subject: [OpenAFS-port-darwin] MacOS X and Tokens Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0rc1 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I've installed the client software and I think I have the configuration correct. I can navigate my site's cell and get a token using klog in a terminal.app window but I can't seem to get the token to propogate to the Finder and the rest of my environment. Does anyone know how to get a token so the Finder can use authenticated AFS access? Can I enable klog on login somehow so I don't have to run something in addition to logging in? Other than this it looks really great. -- Matt Elliott High Performance Data Management Team 217-265-0257 From somebody Thu Jan 01 00:00:00 UTC 1970 Received: from GRAND.CENTRAL.ORG by penn.central.org id aa23272; 3 May 2001 19:03 EDT Received: by grand.central.org (Postfix) id 8A4679CF0; Thu, 3 May 2001 19:05:51 -0400 (EDT) Delivered-To: port-darwin@openafs.org Received: from mail-out1.apple.com (mail-out1.apple.com [17.254.0.52]) by grand.central.org (Postfix) with ESMTP id 6EEA19CC4 for ; Thu, 3 May 2001 19:05:50 -0400 (EDT) Received: from apple.com (A17-129-100-225.apple.com [17.129.100.225]) by mail-out1.apple.com (8.9.3/8.9.3) with ESMTP id QAA24364 for ; Thu, 3 May 2001 16:03:31 -0700 (PDT) Received: from scv2.apple.com (scv2.apple.com) by apple.com (Content Technologies SMTPRS 4.2.1) with ESMTP id for ; Thu, 3 May 2001 16:03:30 -0700 Received: from localhost (vinctom.apple.com [17.216.25.188]) by scv2.apple.com (8.9.3/8.9.3) with ESMTP id QAA05922 for ; Thu, 3 May 2001 16:03:30 -0700 (PDT) Message-Id: <200105032303.QAA05922@scv2.apple.com> Date: Thu, 3 May 2001 16:03:30 -0700 Content-Type: text/plain; format=flowed; charset=us-ascii X-Mailer: Apple Mail (2.388) From: Thomas Vincent To: port-darwin@openafs.org Mime-Version: 1.0 (Apple Message framework v388) In-Reply-To: Subject: Re: [OpenAFS-port-darwin] MacOS X and Tokens Content-Transfer-Encoding: 7bit Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0rc1 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: You need to make your pts id the same as your uid. This tricks the server into thinking pts id's are uid's. Then you can klog and get access to your resources. AFS under OS X has a couple of issues: The finder does not understand ACL's. It only understands World/Group/Everyone . The finder does not differentiate between network and local access of file systems. Both of these issues are being worked on. On Thursday, May 3, 2001, at 03:32 PM, Matt Elliott wrote: > I've installed the client software and I think I have the configuration > correct. I can navigate my site's cell and get a token using klog in a > terminal.app window but I can't seem to get the token to propogate to > the > Finder and the rest of my environment. Does anyone know how to get a > token > so the Finder can use authenticated AFS access? > > Can I enable klog on login somehow so I don't have to run something in > addition to logging in? > > Other than this it looks really great. > > -- > > > Matt Elliott High Performance Data Management Team > 217-265-0257 > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo.cgi/port-darwin From somebody Thu Jan 01 00:00:00 UTC 1970 Received: from GRAND.CENTRAL.ORG by penn.central.org id aa24789; 4 May 2001 14:03 EDT Received: by grand.central.org (Postfix) id 39FF79CFA; Fri, 4 May 2001 14:05:40 -0400 (EDT) Delivered-To: port-darwin@openafs.org Received: from socko.nada.kth.se (socko.nada.kth.se [130.237.225.116]) by grand.central.org (Postfix) with ESMTP id A027F9CC4 for ; Fri, 4 May 2001 14:05:39 -0400 (EDT) Received: from ragges-mac.nada.kth.se (ragges-mac.nada.kth.se [130.237.225.204]) (authenticated (0 bits)) by socko.nada.kth.se (8.11.1/8.11.1) with ESMTP id f44I3AF17752 (using TLSv1/SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168 bits) verified NO) for ; Fri, 4 May 2001 20:03:11 +0200 (MET DST) Date: Fri, 04 May 2001 20:03:27 +0200 From: Ragnar Sundblad To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] MacOS X and Tokens Message-ID: <10964460.989006607@ragges-mac.nada.kth.se> In-Reply-To: <200105041636.SAA05725@mx.nada.kth.se> References: <200105041636.SAA05725@mx.nada.kth.se> X-Mailer: Mulberry/2.1.0a5 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0rc1 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On Thu, 3 May 2001 16:03:30 -0700 Thomas Vincent wrote: > You need to make your pts id the same as your uid. This tricks the > server into thinking pts id's are uid's. Then you can klog and get > access to your resources. Note that this has nothing to do with AFS, it is just MacOS X apps that think they can take uid's in the file system and look them up in netinfo (getpwent etc). This is of course wrong for afs and lots of other file systems. The problem is that there is no good easy generic solution for this. There really should be one. A vfs call, or at least a lib, that understands as many ACL kinds as possible and delivers them in a format that a program can present to the user, and write back to the file system. It should not be to hard to make a generic format that works with all current file systems. But yes, you are right, things and users will be far less confused if uids and pts ids are in sync. > AFS under OS X has a couple of issues: > The finder does not understand ACL's. It only understands > World/Group/Everyone . > The finder does not differentiate between network and local access of > file systems. Our Arla developers strongly believe that Finder should use access() to check what it can and can't do, at least for file systems that it doesn't know anything about. As I have understood it access() should not cost more than stat(). > Both of these issues are being worked on. Great! /ragge From somebody Thu Jan 01 00:00:00 UTC 1970 Received: from GRAND.CENTRAL.ORG by penn.central.org id aa07746; 10 May 2001 12:46 EDT Received: by grand.central.org (Postfix) id D1DC99BCA; Thu, 10 May 2001 11:48:48 -0400 (EDT) Delivered-To: port-darwin@openafs.org Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by grand.central.org (Postfix) with ESMTP id 9F63D9BC9; Thu, 10 May 2001 11:48:48 -0400 (EDT) Received: from grand-central-station.mit.edu (GRAND-CENTRAL-STATION.MIT.EDU [18.7.21.82]) by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id MAA13715; Thu, 10 May 2001 12:46:31 -0400 (EDT) Received: from melbourne-city-street.mit.edu (MELBOURNE-CITY-STREET.MIT.EDU [18.7.21.86]) by grand-central-station.mit.edu (8.9.2/8.9.2) with ESMTP id MAA25047; Thu, 10 May 2001 12:46:31 -0400 (EDT) Received: from chaos.mit.edu (CHAOS.MIT.EDU [18.18.0.123]) by melbourne-city-street.mit.edu (8.9.2/8.9.2) with ESMTP id MAA07425; Thu, 10 May 2001 12:46:23 -0400 (EDT) Received: (from ted@localhost) by chaos.mit.edu (8.9.3) id MAA25254; Thu, 10 May 2001 12:46:25 -0400 (EDT) Date: Thu, 10 May 2001 12:46:25 -0400 (EDT) Message-Id: <200105101646.MAA25254@chaos.mit.edu> From: Ted McCabe To: openafs-gatekeepers@openafs.org, port-darwin@openafs.org Subject: [OpenAFS-port-darwin] Darwin patch Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0rc1 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I noticed that when I tried copying files out of AFS, I would often not be able to modify the destination files/dirs due to the user flags being non-zero (see man chflags). Turns out that not all of the fields of Darwin's struct vattr were being set in afs_CopyOutAttrs This patch clears the va_flags entry. I wasn't sure how the va_filerev and va_gen fields are precisely used, but since I wasn't noticing any trouble I could attribute to them, I left them unspecified. I suspect someone with more knowledge can say for sure. --Ted *** src.104/afs/VNOPS/afs_vnop_attrs.c Mon Apr 23 03:28:58 2001 --- src/afs/VNOPS/afs_vnop_attrs.c Thu May 10 11:34:25 2001 *************** *** 128,134 **** * Below return 0 (and not 1) blocks if the file is zero length. This conforms * better with the other filesystems that do return 0. */ ! #ifdef AFS_OSF_ENV #ifdef va_size_rsv attrs->va_size_rsv = 0; #endif --- 128,134 ---- * Below return 0 (and not 1) blocks if the file is zero length. This conforms * better with the other filesystems that do return 0. */ ! #if defined(AFS_OSF_ENV) || defined(AFS_DARWIN_ENV) #ifdef va_size_rsv attrs->va_size_rsv = 0; #endif From melliott@ncsa.uiuc.edu Mon May 14 14:01:29 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from ex1.ncsa.uiuc.edu (ex1.ncsa.uiuc.edu [141.142.2.9]) by grand.central.org (Postfix) with ESMTP id 9E3C89C66 for ; Mon, 14 May 2001 14:01:29 -0400 (EDT) Received: from mx1.ncsa.uiuc.edu (mx1.ncsa.uiuc.edu [141.142.2.8]) by ex1.ncsa.uiuc.edu (8.11.0/8.11.0) with ESMTP id f4EI1Tb20529 for ; Mon, 14 May 2001 13:01:29 -0500 (CDT) X-Envelope-From: melliott@ncsa.uiuc.edu X-Envelope-To: Received: from [141.142.22.21] (speed.ncsa.uiuc.edu [141.142.22.21]) by mx1.ncsa.uiuc.edu (8.11.0/8.11.0) with ESMTP id f4EI1S711135 for ; Mon, 14 May 2001 13:01:28 -0500 (CDT) Mime-Version: 1.0 X-Sender: melliott@pop.ncsa.uiuc.edu Message-Id: In-Reply-To: <200105032303.QAA05922@scv2.apple.com> References: <200105032303.QAA05922@scv2.apple.com> Date: Mon, 14 May 2001 13:00:51 -0500 To: port-darwin@openafs.org From: Matt Elliott Subject: Re: [OpenAFS-port-darwin] MacOS X and Tokens Content-Type: text/plain; charset="us-ascii" Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I tried changing my uid to match my pts id in the cell I'm trying to authenticate to. I can klog in a terminal.app window and get a token. Commands executed in that window work. i.e. I can copy files which I have acls to read from AFS to my local disk and can put files into afs where I have acls to write. What I haven't been able to do is the same thing from the Finder. Am I missing something or is this one of the missing features? The area I'm trying to write in, my afs home directory, is owned my me and the unix permissions look like I should be able to write there. At 4:03 PM -0700 5/3/01, Thomas Vincent wrote: >You need to make your pts id the same as your uid. This tricks the >server into thinking pts id's are uid's. Then you can klog and get >access to your resources. > >AFS under OS X has a couple of issues: >The finder does not understand ACL's. It only understands >World/Group/Everyone . >The finder does not differentiate between network and local access of >file systems. > >Both of these issues are being worked on. > >On Thursday, May 3, 2001, at 03:32 PM, Matt Elliott wrote: > >> I've installed the client software and I think I have the configuration >> correct. I can navigate my site's cell and get a token using klog in a >> terminal.app window but I can't seem to get the token to propogate to >> the >> Finder and the rest of my environment. Does anyone know how to get a >> token >> so the Finder can use authenticated AFS access? >> >> Can I enable klog on login somehow so I don't have to run something in >> addition to logging in? >> >> Other than this it looks really great. >> >> -- >> >> >> Matt Elliott High Performance Data Management Team >> 217-265-0257 >> _______________________________________________ >> port-darwin mailing list >> port-darwin@openafs.org >> https://lists.openafs.org/mailman/listinfo.cgi/port-darwin >_______________________________________________ >port-darwin mailing list >port-darwin@openafs.org >https://lists.openafs.org/mailman/listinfo.cgi/port-darwin -- Matt Elliott High Performance Data Management Team 217-265-0257 From jackson@CMU.EDU Thu May 17 20:37:14 2001 Return-Path: Delivered-To: port-darwin@www.openafs.org Received: from smtp7.andrew.cmu.edu (SMTP7.ANDREW.CMU.EDU [128.2.10.87]) by grand.central.org (Postfix) with ESMTP id 4B4BF9DBA; Thu, 17 May 2001 20:37:14 -0400 (EDT) Received: from techview.cc.cmu.edu (TECHVIEW.CC.CMU.EDU [128.2.13.153]) (authenticated as jackson with KERBEROS_V4 (0 bits)) by smtp7.andrew.cmu.edu (8.12.0.Beta7/8.12.0.Beta7) with ESMTP id f4I0bC19006250; Thu, 17 May 2001 20:37:13 -0400 Date: Thu, 17 May 2001 20:37:15 -0400 From: Joseph Jackson To: info-afs@transarc.com, openafs-info@www.openafs.org, port-darwin@www.openafs.org Message-ID: <27716402.3199120635@techview.cc.cmu.edu> Originator-Info: login-token=Mulberry:01raKDDhcD5nnyHABi4in3f0XM7UQlGv4k0OZ79Nv3hvQ=; token_authority=postmaster@andrew.cmu.edu X-Mailer: Mulberry/2.0.8 (MacOS) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: [OpenAFS-port-darwin] OpenAFS BOF at WWDC Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Attendees of the Apple World Wide Developers Conference (WWDC) are invited to attend the OpenAFS Birds of a Feather session. This session is open to the attendees of Apple World Wide Developers Conference. Hosts: Tom Vincent (Apple Computer, Inc.) Joseph Jackson (Carnegie Mellon University). Session: OpenAFS on OS X Date: Tuesday, May 22, 2001 Time: 6:30 - 7:45 Place: J1 This session will discuss the availability of OpenAFS for Mac OS X. OpenAFS is the open source version of AFS, a distributed file system product sold by IBM Transarc Labs. Carnegie Mellon University has released a beta-quality OpenAFS client that runs on OS X. This session will be of interest to those who already run AFS or those who are thinking about installing the free OpenAFS distribution. Attendees: Public Agenda: * Short demo of installing and using OpenAFS * Explanation of known problems * Summary of work that needs to be done * Request for volunteers to help out * Q & A * Fun CD-ROMs will be available with OpenAFS binaries and source, a Special Edition of Brickhouse IPFW configuration tool with AFS support, and a Mac OS X edition of aklog from MIT utilizing the latest kerberos distribution for OS X from MIT. There will be a limited number available. For Complete WWDC logistics, visit the Apple Developer's website at: http://www.apple.com/developer/wwdc2001 From centuri@mac.com Thu May 24 11:37:40 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.umr.edu (mrelay.cc.umr.edu [131.151.1.89]) by grand.central.org (Postfix) with ESMTP id F1D3B9BCA for ; Thu, 24 May 2001 11:37:39 -0400 (EDT) Received: from osx (osx.cc.umr.edu [131.151.32.143]) via ESMTP by mrelay.cc.umr.edu (8.9.3/R.4.20) id KAA13801; Thu, 24 May 2001 10:37:39 -0500 From: centuri@mac.com Message-Id: <200105241537.KAA13801@mrelay.cc.umr.edu> Date: Thu, 24 May 2001 22:35:39 -0500 Content-Type: text/plain; format=flowed; charset=us-ascii Mime-Version: 1.0 (Apple Message framework v388) To: port-darwin@openafs.org X-Mailer: Apple Mail (2.388) Content-Transfer-Encoding: 7bit Subject: [OpenAFS-port-darwin] New to the list. Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Good day all, I'm working on a project at my University that involves setting up a MacOSX Server 2.0 box with our local campus net using NIS and AFS for login and home directories respectively. I tried the OSX OpenAFS installer hoping it would work on OSXS2.0, but it hangs when "Optimizing System" and I have not yet been able to see any cells. Since I'm not very familiar with AFS, I'm not sure if it's a problem with the install itself or because I don't have it configured correctly. I've added CellServDB and ThisCell from one of the Unix boxes to /private/var/db/openafs/etc/ and I've created an afsd.options file in /private/var/db/openafs/etc/config/ as was recommended by the installer. I have also placed copies of the CellServDB and ThisCell files in the /Library/OpenAFS/Tools/root.client/usr/vice/etc directory. Did I miss a step, is the some difference between OSX and OSXS2.0 that's confusing the installer (there were a lot of bind errors, but I've seen lots of installs work just fine even with a page worth of bind errors)? Any help would be appreciated, Robert Phelan From centuri@mac.com Thu May 24 11:39:17 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.umr.edu (mrelay.cc.umr.edu [131.151.1.89]) by grand.central.org (Postfix) with ESMTP id 541C39BCA for ; Thu, 24 May 2001 11:39:17 -0400 (EDT) Received: from osx (osx.cc.umr.edu [131.151.32.143]) via ESMTP by mrelay.cc.umr.edu (8.9.3/R.4.20) id KAA14257; Thu, 24 May 2001 10:39:17 -0500 From: centuri@mac.com Message-Id: <200105241539.KAA14257@mrelay.cc.umr.edu> Date: Thu, 24 May 2001 22:37:16 -0500 Content-Type: text/plain; format=flowed; charset=us-ascii Mime-Version: 1.0 (Apple Message framework v388) To: port-darwin@openafs.org X-Mailer: Apple Mail (2.388) Content-Transfer-Encoding: 7bit Subject: [OpenAFS-port-darwin] Oops. Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: If you got more than one copy of that, I apologize. SMTP server claimed it wasn't going through, and it seems it may have after all. Robert From jackson@CMU.EDU Thu May 24 14:54:17 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.ANDREW.CMU.EDU [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id D86DD9BCA for ; Thu, 24 May 2001 14:54:17 -0400 (EDT) Received: from [216.2.29.144] ([216.2.29.144]) (authenticated as jackson with KERBEROS_V4 (0 bits)) by smtp5.andrew.cmu.edu (8.12.0.Beta7/8.12.0.Beta7) with ESMTP id f4OIrpb0017783; Thu, 24 May 2001 14:54:16 -0400 Date: Thu, 24 May 2001 10:43:50 -0700 From: Joseph Jackson To: centuri@mac.com, port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] New to the list. Message-ID: <40298.3199689830@localhost> In-Reply-To: <200105241537.KAA13801@mrelay.cc.umr.edu> Originator-Info: login-token=Mulberry:01gm6E9uzP52HH6AFKt/X4ZxqY7iz65v/5nOdjyaf4bsk=; token_authority=postmaster@andrew.cmu.edu X-Mailer: Mulberry/2.0.8 (MacOS) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: The OpenAFS code relies on a kernel extension to implement the new file system type. Kernel code is *very* sensitive to the specific OS version that you're running. We've had to do a lot of work to keep OpenAFS working across the developer preview releases of Mac OS X, for example. The server release should be very similar to what was shipped on March 24th, but maybe a small change impacted AFS. I'm going to start working on Mac OS X Server soon, so let me try to run the client there myself. If you don't hear from me within a week, send another message and we'll compare notes. Joe Jackson, Carnegie Mellon University. From cg2v+@andrew.cmu.edu Thu May 24 17:29:18 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from po10.andrew.cmu.edu (PO10.ANDREW.CMU.EDU [128.2.10.110]) by grand.central.org (Postfix) with ESMTP id 3CE269BCA for ; Thu, 24 May 2001 17:29:18 -0400 (EDT) Received: (from postman@localhost) by po10.andrew.cmu.edu (8.9.3/8.9.3) id RAA00950 for port-darwin@openafs.org; Thu, 24 May 2001 17:29:17 -0400 (EDT) Received: via switchmail; Thu, 24 May 2001 17:29:16 -0400 (EDT) Received: from gtok.andrew.cmu.edu via qmail ID ; Thu, 24 May 2001 17:27:51 -0400 (EDT) Received: from gtok.andrew.cmu.edu via qmail ID ; Thu, 24 May 2001 17:27:50 -0400 (EDT) Received: from mms.4.60.Apr..3.2000.21.32.31.i386.Linux.22.EzMail.2.0.CUILIB.3.45.SNAP.NOT.LINKED.gtok.andrew.cmu.edu.i386.linux22 via MS.5.6.gtok.andrew.cmu.edu.i386_Linux_22; Thu, 24 May 2001 17:27:50 -0400 (EDT) Message-ID: Date: Thu, 24 May 2001 17:27:50 -0400 (EDT) From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] New to the list. Cc: In-Reply-To: <200105241537.KAA13801@mrelay.cc.umr.edu> References: <200105241537.KAA13801@mrelay.cc.umr.edu> Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Excerpts from internet.computing.openafs.port-darwin: 24-May-101 [OpenAFS-port-darwin] New t.. by centuri@mac.com > I tried the OSX OpenAFS installer hoping it would work on OSXS2.0, but > it hangs when "Optimizing System" and I have not yet been able to see > any cells. What does "you can't see any cells" mean? also: 1) There was a bug in the packaging script that caused the installer to hang on some systems. The copy of the .pkg at openafs.org was fixed 2 days ago. 2) have you rebooted since the install? You didn't say that you did.... If you have, and it still doesn't work, try the following in a terminal, as root (send the output back here or to me...) # ls -ld /afs # ls -ld /Network/afs # kmodstat | grep afs # df /Network/afs if the kmodstat line produces no output, try running /System/Library/StartupItems/OpenAFS/OpenAFS and including it's output too, (and whether or not afs works now) From centuri@mac.com Thu May 24 17:43:48 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mx.rollanet.org (mailsrv.rollanet.org [192.55.114.7]) by grand.central.org (Postfix) with SMTP id 66E3D9BCA for ; Thu, 24 May 2001 17:43:48 -0400 (EDT) Received: (qmail 25578 invoked from network); 24 May 2001 21:43:47 -0000 Received: from pkrh-dc-g9-as5200-async24.network.umr.edu (HELO ?131.151.65.74?) (131.151.65.74) by mx.rollanet.org with SMTP; 24 May 2001 21:43:47 -0000 X-Sender: centuri@mail.mac.com Message-Id: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Thu, 24 May 2001 16:43:58 -0500 To: port-darwin@openafs.org From: Robert Phelan Subject: [OpenAFS-port-darwin] OSXServer Problem solved Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I had sent this out earlier, but it seems to have gotten munched somewhere along the line: This case was a good example of why you should try to be awake while working. In /var/db/openafs/etc/config/afsd.options I had displaced the A and the E in dAEmon. Can't believe I spent 2 hours trying to figure that one out. I switched them and everything came alive the way it should, so it would seem that the current pkg installer is compatable with OSX Server 2.0 after all. Also, after a reinstall of the server software, the openafs installer stopped hanging on Optimizing System Performace, so that's a go as well. Thanks a lot to those who replied, if I hadn't finally caught that, I wasn't sure what I was going to do. Now the next step is to get kerberos working and then maybe, that combined with NIS and the now working OpenAFS client, I'll be able to log into this OSX machine like I would any other Unix box on campus. Thanks again. Robert From sperber@informatik.uni-tuebingen.de Fri Jun 1 07:21:18 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mx2.informatik.uni-tuebingen.de (mx2.Informatik.Uni-Tuebingen.De [134.2.12.9]) by grand.central.org (Postfix) with ESMTP id 323AD9BCB for ; Fri, 1 Jun 2001 07:21:18 -0400 (EDT) Received: from sams.informatik.uni-tuebingen.de (sams [134.2.12.50]) by mx2.informatik.uni-tuebingen.de (Postfix) with ESMTP id 114CB1060 for ; Fri, 1 Jun 2001 13:21:17 +0200 (MST) Received: (from sperber@localhost) by sams.informatik.uni-tuebingen.de (8.11.3/8.11.3) id f51BLGO41090; Fri, 1 Jun 2001 13:21:16 +0200 (CEST) (envelope-from sperber) To: port-darwin@openafs.org From: sperber@informatik.uni-tuebingen.de (Michael Sperber [Mr. Preprocessor]) Date: 01 Jun 2001 13:21:16 +0200 In-Reply-To: <20010601111600.CA06D9BCB@grand.central.org> (port-darwin-request@openafs.org's message of "Fri, 1 Jun 2001 07:16:00 -0400 (EDT)") Message-ID: Lines: 40 User-Agent: Gnus/5.090003 (Oort Gnus v0.03) XEmacs/21.5 (alfalfa) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Subject: [OpenAFS-port-darwin] OpenAFS vs. cddafs, msdosfs, and webdav_fs Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I just downloaded the 1.0.3 package distro and installed it on a fresh installation of MacOS X: Darwin rosenkrantz 1.3.3 Darwin Kernel Version 1.3.3: Fri May 4 13:46:54 PDT 2001; root:xnu/xnu-124.8.obj~1/RELEASE_PPC Power Macintosh powerpc While the AFS part seems to work fine (great work!), some problems result. Whenever I insert an audio CD, the console shows these messages and the audio CD is not recognized: file://localhost/System/Library/Extensions/msdosfs.kext/ is not a valid kernel e xtension bundle. file://localhost/System/Library/Extensions/msdosfs.kext/ is not a valid kernel e xtension bundle. file://localhost/System/Library/Extensions/webdav_fs.kext/ is not a valid kernel extension bundle. file://localhost/System/Library/Extensions/webdav_fs.kext/ is not a valid kernel extension bundle. cddafs: cddafs not available Jun 1 13:05:24 rosenkrantz autodiskmount[88]: DiskVolume_mount_foreign: There i s a filesystem error with the device disk1 which was attempting to mount at /Vol umes/Audio CD Jun 1 13:05:24 rosenkrantz autodiskmount[88]: disk1 ??? cddafs no no Audio CD [not mounted] A co-worker here reports similar messages regarding the msdosfs and webdav_fs kernel extensions even without using audio CDs. Any help on this would be much appreciated. -- Cheers =8-} Mike Friede, Völkerverständigung und überhaupt blabla From ssen@mit.edu Fri Jun 1 11:29:31 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail-out1.apple.com (mail-out1.apple.com [17.254.0.52]) by grand.central.org (Postfix) with ESMTP id 7692A9BCA for ; Fri, 1 Jun 2001 11:29:30 -0400 (EDT) Received: from apple.con (A17-128-100-225.apple.com [17.128.100.225]) by mail-out1.apple.com (8.9.3/8.9.3) with ESMTP id IAA20736 for ; Fri, 1 Jun 2001 08:29:29 -0700 (PDT) Received: from scv1.apple.com (scv1.apple.com) by apple.con (Content Technologies SMTPRS 4.2.1) with ESMTP id ; Fri, 1 Jun 2001 08:27:45 +0100 Received: from ssen (ssen.apple.com [17.203.12.194]) by scv1.apple.com (8.9.3/8.9.3) with ESMTP id IAA13636; Fri, 1 Jun 2001 08:29:25 -0700 (PDT) Message-Id: <200106011529.IAA13636@scv1.apple.com> Date: Fri, 1 Jun 2001 08:29:11 -0700 From: Shantonu Sen Content-Type: text/plain; format=flowed; charset=us-ascii Subject: Re: [OpenAFS-port-darwin] OpenAFS vs. cddafs, msdosfs, and webdav_fs Cc: port-darwin@openafs.org To: sperber@informatik.uni-tuebingen.de (Michael Sperber [Mr. Preprocessor]) X-Mailer: Apple Mail (2.388) In-Reply-To: Mime-Version: 1.0 (Apple Message framework v388) Content-Transfer-Encoding: 7bit Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I recommend upgrading to Mac OS X 10.0.3 and installing OpenAFS 1.0.4. > file://localhost/System/Library/Extensions/msdosfs.kext/ is not a valid > kernel e > xtension bundle. > > file://localhost/System/Library/Extensions/msdosfs.kext/ is not a valid > kernel e > xtension bundle. > > file://localhost/System/Library/Extensions/webdav_fs.kext/ is not a valid > kernel > extension bundle. > > file://localhost/System/Library/Extensions/webdav_fs.kext/ is not a valid > kernel > extension bundle. These errors are normal. Ignore them. > cddafs: cddafs not available This error is not. I had a friend experience the same thing, and at the time, we didn't link this to OpenAFS at all. I'll start looking into this. > A co-worker here reports similar messages regarding the msdosfs and > webdav_fs kernel extensions even without using audio CDs. Yeah, you'll see it when mounting disk images too. Shantonu From drosih@rpi.edu Fri Jun 1 16:28:12 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by grand.central.org (Postfix) with ESMTP id 94F719BCA for ; Fri, 1 Jun 2001 16:28:12 -0400 (EDT) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f51KSCW08960 for ; Fri, 1 Jun 2001 16:28:12 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: Date: Fri, 1 Jun 2001 16:28:11 -0400 To: port-darwin@openafs.org From: Garance A Drosihn Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] OpenAFS vs. cddafs, msdosfs, and webdav_fs Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hi. I joined this list because I noticed the same problem with music CD's after I installed MacOS 10. (this message is a followup to a recent message on this list, except that I'm reading the message via the web browser, instead of my email client) Shantonu Sen ssen@mit.edu wrote: > I recommend upgrading to Mac OS X 10.0.3 and installing > OpenAFS 1.0.4. In my case, I am running MacOS 10.0.3. I just recently installed OpenAFS, like just last weekend, so I assume I am running version 1.0.4. However, I can't see any way to tell what version of openafs I am running. How does one tell which version of openafs is installed under MacOS 10? > > cddafs: cddafs not available > > This error is not. I had a friend experience the same > thing, and at the time, we didn't link this to OpenAFS > at all. I'll start looking into this. Since I had just installed OpenAFS, it was easy to guess that openafs might have been the culprit when iTunes was not able to load music CD's anymore. What I did was I first rebooted with openafs still "starting up", but tried to use a music CD before making any reference to /afs. The music CD still failed. I then changed things so openafs did not load at boot-up time. This got Music CD's working for me once again. -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu From ssen@mit.edu Fri Jun 1 16:58:15 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail-out2.apple.com (mail-out2.apple.com [17.254.0.51]) by grand.central.org (Postfix) with ESMTP id 39E9F9BCA for ; Fri, 1 Jun 2001 16:58:15 -0400 (EDT) Received: from apple.con (A17-128-100-225.apple.com [17.128.100.225]) by mail-out2.apple.com (8.9.3/8.9.3) with ESMTP id NAA29386 for ; Fri, 1 Jun 2001 13:58:13 -0700 (PDT) Received: from scv1.apple.com (scv1.apple.com) by apple.con (Content Technologies SMTPRS 4.2.1) with ESMTP id for ; Fri, 1 Jun 2001 13:56:33 +0100 Received: from ssen (ssen.apple.com [17.203.12.194]) by scv1.apple.com (8.9.3/8.9.3) with ESMTP id NAA08125 for ; Fri, 1 Jun 2001 13:58:13 -0700 (PDT) Message-Id: <200106012058.NAA08125@scv1.apple.com> Date: Fri, 1 Jun 2001 13:58:00 -0700 Content-Type: text/plain; format=flowed; charset=us-ascii X-Mailer: Apple Mail (2.388) From: Shantonu Sen To: port-darwin@openafs.org Mime-Version: 1.0 (Apple Message framework v388) In-Reply-To: Subject: Re: [OpenAFS-port-darwin] OpenAFS vs. cddafs, msdosfs, and webdav_fs Content-Transfer-Encoding: 7bit Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: > In my case, I am running MacOS 10.0.3. I just recently > installed OpenAFS, like just last weekend, so I assume I > am running version 1.0.4. However, I can't see any way > to tell what version of openafs I am running. > > How does one tell which version of openafs is installed > under MacOS 10? grep Version /Library/Receipts/OpenAFS.pkg/Contents/Resources/OpenAFS.info or sudo kmodstat | grep openafs Unfortunately, the latter does not appear to have been updated. The first method is probably best. > I then changed things so openafs did not load at boot-up > time. This got Music CD's working for me once again. Yuck ;-( Shantonu From drosih@rpi.edu Sat Jun 2 01:48:51 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by grand.central.org (Postfix) with ESMTP id 046EE9BCA for ; Sat, 2 Jun 2001 01:48:50 -0400 (EDT) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f525moW20584 for ; Sat, 2 Jun 2001 01:48:50 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: Date: Sat, 2 Jun 2001 01:48:48 -0400 To: port-darwin@openafs.org From: Garance A Drosihn Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] configuring openafs under MacOS 10 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: First, let me say I was very happily impressed to see that work on OpenAFS for MacOS 10 was so far along that it had an official installer. One question I had was why the installer put the changes in /System/Library/StartupItems instead of /Library/StartupItems. Isn't /System for "Apple-only" things? My hope here is that the answer is something like "Apple plans on providing the official installer for openafs on MacOS 10", when then lets me ask the real question that came to my mind. If this is an "official Apple extension", then would it be reasonable to have a setting in /etc/hostconfig which controls whether OpenAFS is started up? For instance, after install I changed /System/Library/StartupItems/OpenAFS/OpenAFS, such that after if [ "${NETWORKUP}" = "-NO-" ]; then exit; fi I added: if [ "${AFSCLIENT}" != "-YES-" ]; then exit; fi This way, I have to add the line AFSCLIENT=-YES- to /etc/hostconfig. And then, if I need to disable OpenAFS for some reason (such as checking if it was the culprit for music CD problems), all I have to do is edit that file to change -YES- to -NO-. It probably wouldn't be appropriate for random third-party products to add lines to /etc/hostconfig, but IF it's going to be an official Apple extension, well then... -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu From cg2v+@andrew.cmu.edu Sat Jun 2 18:14:57 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from po10.andrew.cmu.edu (PO10.ANDREW.CMU.EDU [128.2.10.110]) by grand.central.org (Postfix) with ESMTP id DDC909BCD for ; Sat, 2 Jun 2001 18:14:56 -0400 (EDT) Received: (from postman@localhost) by po10.andrew.cmu.edu (8.9.3/8.9.3) id SAA00839 for port-darwin@openafs.org; Sat, 2 Jun 2001 18:14:55 -0400 (EDT) Received: via switchmail; Sat, 2 Jun 2001 18:14:55 -0400 (EDT) Received: from sphinx.andrew.cmu.edu via qmail ID ; Sat, 2 Jun 2001 18:13:32 -0400 (EDT) Received: from sphinx.andrew.cmu.edu via qmail ID ; Sat, 2 Jun 2001 18:13:32 -0400 (EDT) Received: from mms.4.60.Apr..3.2000.21.32.31.i386.Linux.22.EzMail.2.0.CUILIB.3.45.SNAP.NOT.LINKED.sphinx.andrew.cmu.edu.i386.linux22 via MS.5.6.sphinx.andrew.cmu.edu.i386_Linux_22; Sat, 2 Jun 2001 18:13:32 -0400 (EDT) Message-ID: Date: Sat, 2 Jun 2001 18:13:32 -0400 (EDT) From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] configuring openafs under MacOS 10 Cc: In-Reply-To: References: Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Excerpts from internet.computing.openafs.port-darwin: 2-Jun-101 [OpenAFS-port-darwin] confi.. by Garance A Drosihn@rpi.ed > First, let me say I was very happily impressed to see that > work on OpenAFS for MacOS 10 was so far along that it had > an official installer. an installer is available because the install tools are readily accessible and reasonably easy to use, and because it is desirable for people other than unix-aware users to be able to use afs (not that that ideal has been reached yet. I'm not a GUI programmer, and no one has yet volunteered to work on the control panel equivalent, which will be oh-so-much-fun to write even for someone who is a GUI programmer) > One question I had was why the installer put the changes in > /System/Library/StartupItems instead of /Library/StartupItems. It's because /Library/StartupItems doesn't exist, and SystemStarter has no documentation that I could find. Therefore, the safest thing for me to assume was that it only looks in /System > Isn't /System for "Apple-only" things? Perhaps that is claimed, but at the very least, all extensions that are loaded automatically (rather than by applications) must go in /System/Library/Extensions From ssen@mit.edu Sat Jun 2 20:58:59 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail-out2.apple.com (mail-out2.apple.com [17.254.0.51]) by grand.central.org (Postfix) with ESMTP id 4989A9BCD for ; Sat, 2 Jun 2001 20:58:59 -0400 (EDT) Received: from apple.com (A17-129-100-225.apple.com [17.129.100.225]) by mail-out2.apple.com (8.9.3/8.9.3) with ESMTP id RAA04015 for ; Sat, 2 Jun 2001 17:58:58 -0700 (PDT) Received: from scv2.apple.com (scv2.apple.com) by apple.com (Content Technologies SMTPRS 4.2.1) with ESMTP id for ; Sat, 2 Jun 2001 17:58:58 -0700 Received: from localhost ([17.254.160.34]) by scv2.apple.com (8.11.3/8.11.3) with ESMTP id f530wvk18377 for ; Sat, 2 Jun 2001 17:58:57 -0700 (PDT) Message-Id: <200106030058.f530wvk18377@scv2.apple.com> Date: Sat, 2 Jun 2001 17:58:41 -0700 Content-Type: text/plain; format=flowed; charset=us-ascii X-Mailer: Apple Mail (2.388) From: Shantonu Sen To: port-darwin@openafs.org Mime-Version: 1.0 (Apple Message framework v388) In-Reply-To: Subject: Re: [OpenAFS-port-darwin] configuring openafs under MacOS 10 Content-Transfer-Encoding: 7bit Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: On Saturday, June 2, 2001, at 03:13 PM, Chaskiel M Grundman wrote: > I'm not a GUI programmer, and no one has yet > volunteered to work on the control panel equivalent, which will be > oh-so-much-fun to write even for someone who is a GUI programmer) After I get some more Cocoa experience under my belt, I plan on looking into this. If anyone is interested, let me or the list know, so we can coordinate. It's unfortunate that much of work won't be portable to other OSes, but I suppose some minimal amount will be. Shantonu From drosih@rpi.edu Sun Jun 3 00:54:25 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by grand.central.org (Postfix) with ESMTP id 90B5D9BCD for ; Sun, 3 Jun 2001 00:54:25 -0400 (EDT) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f534sOS123656; Sun, 3 Jun 2001 00:54:24 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: References: Date: Sun, 3 Jun 2001 00:54:21 -0400 To: Chaskiel M Grundman , port-darwin@openafs.org From: Garance A Drosihn Subject: Re: [OpenAFS-port-darwin] configuring openafs under MacOS 10 Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 6:13 PM -0400 6/2/01, Chaskiel M Grundman wrote: >Excerpts from internet.computing.openafs.port-darwin: 2-Jun-101 >[OpenAFS-port-darwin] confi.. by Garance A Drosihn@rpi.ed >> First, let me say I was very happily impressed to see that >> work on OpenAFS for MacOS 10 was so far along that it had > > an official installer. > >an installer is available because the install tools are readily >accessible and reasonably easy to use, and because it is desirable >for people other than unix-aware users to be able to use afs [...] I definitely agree with this sentiment, I was just pleasantly surprised to see how far along that work was. > > One question I had was why the installer put the changes in >> /System/Library/StartupItems instead of /Library/StartupItems. > >It's because /Library/StartupItems doesn't exist, and SystemStarter >has no documentation that I could find. Therefore, the safest thing >for me to assume was that it only looks in /System I do have /Library/StartupItems on my system, because I have installed OpenBase. OpenBase is a database application which has some background processes that launch at system startup. I imagine the installer for OpenBase created that directory, but the operating system seems to recognize it. We'll have to track down some documentation on this, I guess. -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu From drosih@rpi.edu Sun Jun 3 00:57:46 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by grand.central.org (Postfix) with ESMTP id BABCB9BCD for ; Sun, 3 Jun 2001 00:57:45 -0400 (EDT) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f534viS130850; Sun, 3 Jun 2001 00:57:44 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: References: Date: Sun, 3 Jun 2001 00:57:42 -0400 To: Chaskiel M Grundman , port-darwin@openafs.org From: Garance A Drosihn Subject: Re: [OpenAFS-port-darwin] configuring openafs under MacOS 10 Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 6:13 PM -0400 6/2/01, Chaskiel M Grundman wrote: >I'm not a GUI programmer, and no one has yet volunteered to work >on the control panel equivalent, which will be oh-so-much-fun to >write even for someone who is a GUI programmer) Actually, I expect this isn't hard to write, for someone with Cocoa experience. I had a fair amount of NeXTSTEP programming experience, and once I get my hands on the O'Reilly book on Cocoa (which I have already ordered...), I might be able to write up something. -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu From ssen@mit.edu Mon Jun 11 12:40:37 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail-out2.apple.com (mail-out2.apple.com [17.254.0.51]) by grand.central.org (Postfix) with ESMTP id 91AD89BD0 for ; Mon, 11 Jun 2001 12:40:36 -0400 (EDT) Received: from apple.com (A17-129-100-225.apple.com [17.129.100.225]) by mail-out2.apple.com (8.9.3/8.9.3) with ESMTP id JAA19628 for ; Mon, 11 Jun 2001 09:40:34 -0700 (PDT) Received: from scv3.apple.com (scv3.apple.com) by apple.com (Content Technologies SMTPRS 4.2.1) with ESMTP id for ; Mon, 11 Jun 2001 09:40:30 -0700 Received: from localhost (ssen.apple.com [17.203.12.194]) by scv3.apple.com (8.9.3/8.9.3) with ESMTP id JAA06856 for ; Mon, 11 Jun 2001 09:40:24 -0700 (PDT) Message-Id: <200106111640.JAA06856@scv3.apple.com> Date: Mon, 11 Jun 2001 09:40:22 -0700 Content-Type: text/plain; format=flowed; charset=us-ascii X-Mailer: Apple Mail (2.388) From: Shantonu Sen To: port-darwin@openafs.org Mime-Version: 1.0 (Apple Message framework v388) In-Reply-To: Subject: Re: [OpenAFS-port-darwin] configuring openafs under MacOS 10 Content-Transfer-Encoding: 7bit Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I worked on this a bit this weekend. One issue I came across is that I'd like each cell to have a checkbox to indicate wether you want it "active" or not. This will be a temporary hack to keep the Finder from going crazy, and will take "inactive" cells out of the CellServDB. However, it would appear that the CellServDB does not have a comment format, so it will be necessary to store inactive cells in another file. Possible scenarios: 1) If a user deactives a cell, just drop it entirely and keep no backups. The user is forced to manually add it back in. 2) Store an xml/plist version of the "full" CellServDB, with cells appropriately marked active or inactive. The real CellServDB is generated from the cells marked active. 3) Store the full CellServDB in CellServDB-format as "/var/db/openafs/etc/ CellServDB.full". This will include both active and inactive cells, and the inactive ones can be determined by seeing what *doesn't* exist in the "/var/db/openafs/etc/CellServDB". 4) Store something like above on root's home directory. hmmm. I'm also modelling this as a standalone application, since the Preferences API isn't public currently, so we should just make a go of it now. Thoughts? Shantonu On Saturday, June 2, 2001, at 09:57 PM, Garance A Drosihn wrote: > Actually, I expect this isn't hard to write, for someone with > Cocoa experience. I had a fair amount of NeXTSTEP programming > experience, and once I get my hands on the O'Reilly book on > Cocoa (which I have already ordered...), I might be able to > write up something. From drosih@rpi.edu Mon Jun 11 14:41:06 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by grand.central.org (Postfix) with ESMTP id BC2E29BDA for ; Mon, 11 Jun 2001 14:41:06 -0400 (EDT) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f5BIf4299358; Mon, 11 Jun 2001 14:41:05 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: <200106111640.JAA06856@scv3.apple.com> References: <200106111640.JAA06856@scv3.apple.com> Date: Mon, 11 Jun 2001 14:41:02 -0400 To: Shantonu Sen , port-darwin@openafs.org From: Garance A Drosihn Subject: Re: [OpenAFS-port-darwin] configuring openafs under MacOS 10 Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 9:40 AM -0700 6/11/01, Shantonu Sen wrote: >1) If a user deactives a cell, just drop it entirely and keep > no backups. The user is forced to manually add it back in. This seems very unfriendly for the end user. >2) Store an xml/plist version of the "full" CellServDB, with > cells appropriately marked active or inactive. The real > CellServDB is generated from the cells marked active. Non-darwin platforms will have a "regular" CellServDB format. I think that converting that to some XML format just to convert it back to the "standard" format is a waste of energy. >3) Store the full CellServDB in CellServDB-format as > "/var/db/openafs/etc/CellServDB.full". This will include > both active and inactive cells, and the inactive ones can > be determined by seeing what *doesn't* exist in the > "/var/db/openafs/etc/CellServDB". I would do something along these lines. Have a configuration setting which says *which* cells should be added at system startup, and then something else which can be used to parse the "CellServDB.full" file and execute 'fs newcell' commands to bring up cells on the fly as the user requests them. I have a rough setup using a perl script that I use for my own purposes, but it isn't quite "user-friendly" yet... -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu From ssen@mit.edu Mon Jun 11 14:59:59 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail-out1.apple.com (mail-out1.apple.com [17.254.0.52]) by grand.central.org (Postfix) with ESMTP id 237CA9BDA for ; Mon, 11 Jun 2001 14:59:59 -0400 (EDT) Received: from apple.con (A17-128-100-225.apple.com [17.128.100.225]) by mail-out1.apple.com (8.9.3/8.9.3) with ESMTP id LAA02014 for ; Mon, 11 Jun 2001 11:59:58 -0700 (PDT) Received: from scv3.apple.com (scv3.apple.com) by apple.con (Content Technologies SMTPRS 4.2.1) with ESMTP id for ; Mon, 11 Jun 2001 11:58:05 +0100 Received: from localhost (ssen.apple.com [17.203.12.194]) by scv3.apple.com (8.9.3/8.9.3) with ESMTP id LAA23341 for ; Mon, 11 Jun 2001 11:59:46 -0700 (PDT) Message-Id: <200106111859.LAA23341@scv3.apple.com> Date: Mon, 11 Jun 2001 11:59:44 -0700 Content-Type: text/plain; format=flowed; charset=us-ascii X-Mailer: Apple Mail (2.388) From: Shantonu Sen To: port-darwin@openafs.org Mime-Version: 1.0 (Apple Message framework v388) In-Reply-To: Subject: Re: [OpenAFS-port-darwin] configuring openafs under MacOS 10 Content-Transfer-Encoding: 7bit Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: > I would do something along these lines. Have a configuration > setting which says *which* cells should be added at system > startup, and then something else which can be used to parse > the "CellServDB.full" file and execute 'fs newcell' commands > to bring up cells on the fly as the user requests them. So cells could be marked as boot-time-active or not, and those cells would get written out to CellServDB. Additionally, cells can be activated dynamically, but they wouldn't be started on next boot? This seems reasonable. Would we use another file to track this? I don't like the thought of checking each cell to see if it has been activated, so I'd prefer the have the info written to a file. Shantonu From drosih@rpi.edu Mon Jun 11 15:03:51 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by grand.central.org (Postfix) with ESMTP id DC8609BDA for ; Mon, 11 Jun 2001 15:03:50 -0400 (EDT) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f5BJ3n285792 for ; Mon, 11 Jun 2001 15:03:50 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: Date: Mon, 11 Jun 2001 15:03:48 -0400 To: port-darwin@openafs.org From: Garance A Drosihn Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] Odd problem with file cp'ed from afs to local HD Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I am running openafs on MacOS 10, and ran into an odd problem when I copied a file from our local AFS cell to my hard disk. (our AFS cell is all Transarc-afs servers, I am only using OpenAFS on the client). I have some bash-config files in my standard home directory in AFS-land, and I merged some changes into them to work better for MacOS 10, as well as all the other platforms they work with. I then did a: cp -p ~drosehn/.bash_aliases ~ where '~' is my home directory (on the local hard disk) on my MacOS 10 system. It is an HFS+ directory. I noticed the following error message when I did it: cp: utimes: /Users/gad/aliasTest: Operation not permitted I thought this was odd, but didn't really think too much about it. Of course, I didn't get things completely right the first time, so I made a few more changes to the version in AFS, and when to re-copy the file to my local HD. Much to my surprise, the *copy* was not permitted. In fact, I couldn't do anything with that ~/.bash_aliases file. I could not remove it, and even 'sudo rm' would not get rid of it. Luckily I work with freebsd, and this sounded a lot like the "schg" flag in freebsd land. So I tried: ls -lo .bash_aliases (that's a lowercase-letter-O, not a zero). This told me: -rw-r--r-- 1 gad staff uappnd 21624 Jun 11 14:46 .bash_aliases I don't recognize 'uappnd', but that is the field which would list 'schg' under freebsd. So, I used the 'chflags' command the same way I would use it under freebsd: chflags nouappnd ~/.bash_aliases After doing this, I was once again able to modify my .bash_aliases file, which was a good thing... I have not had time to investigate WHY I ended up with the uappnd flag on when copying from AFS-land to my local hard disk, but I thought I would at least mention this in case someone else runs into it. At least this way you'll have a way to get out of the situation when you end up with a file that you can no longer modify. For what it's worth, here's the result of doing the 'ls -lo' on the original file as it sits in AFS-land: -rw-r--r-- 1 drosehn staff uappnd,opaque 21624 Jun 7 18:15 /Users/AFS/drosehn/.bash_aliases My guess is that there is something in darwin which thinks those flags are on, but that AFS does not give the same meaning to "those bits" as HFS+ gives to them. -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu From ted@MIT.EDU Mon Jun 11 15:15:05 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by grand.central.org (Postfix) with ESMTP id F26C99BDA for ; Mon, 11 Jun 2001 15:15:04 -0400 (EDT) Received: from central-city-carrier-station.mit.edu (CENTRAL-CITY-CARRIER-STATION.MIT.EDU [18.7.21.75]) by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id PAA22397 for ; Mon, 11 Jun 2001 15:15:02 -0400 (EDT) Received: from melbourne-city-street.mit.edu (MELBOURNE-CITY-STREET.MIT.EDU [18.7.21.86]) by central-city-carrier-station.mit.edu (8.9.2/8.9.2) with ESMTP id PAA02877 for ; Mon, 11 Jun 2001 15:15:02 -0400 (EDT) Received: from [18.18.0.128] (ORDER.MIT.EDU [18.18.0.128]) by melbourne-city-street.mit.edu (8.9.2/8.9.2) with ESMTP id PAA10968 for ; Mon, 11 Jun 2001 15:15:02 -0400 (EDT) Mime-Version: 1.0 X-Sender: ted@po12.mit.edu Message-Id: In-Reply-To: References: Date: Mon, 11 Jun 2001 15:14:32 -0400 To: port-darwin@openafs.org From: Ted McCabe Subject: Re: [OpenAFS-port-darwin] Odd problem with file cp'ed from afs to local HD Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 3:03 PM -0400 6/11/01, Garance A Drosihn wrote: >I am running openafs on MacOS 10, and ran into an odd problem >when I copied a file from our local AFS cell to my hard disk. >(our AFS cell is all Transarc-afs servers, I am only using >OpenAFS on the client). >... >Luckily I work with freebsd, and this sounded a lot like the >"schg" flag in freebsd land. So I tried: > > ls -lo .bash_aliases > >(that's a lowercase-letter-O, not a zero). This told me: > >-rw-r--r-- 1 gad staff uappnd 21624 Jun 11 14:46 .bash_aliases >... >My guess is that there is something in darwin which thinks >those flags are on, but that AFS does not give the same >meaning to "those bits" as HFS+ gives to them. There's a bug in the 1.0.4 release - basically these attribute flags get random values due to uninitialized fields. I submitted a patch on May 10 for it (see https://lists.openafs.org/pipermail/port-darwin/2001-May/date.html and choose the 1 msg I sent ;-). --Ted From ted@MIT.EDU Mon Jun 11 15:38:44 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.72.0.53]) by grand.central.org (Postfix) with ESMTP id 0AF329BDA for ; Mon, 11 Jun 2001 15:38:44 -0400 (EDT) Received: from grand-central-station.mit.edu (GRAND-CENTRAL-STATION.MIT.EDU [18.7.21.82]) by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id PAA18602 for ; Mon, 11 Jun 2001 15:38:43 -0400 (EDT) Received: from melbourne-city-street.mit.edu (MELBOURNE-CITY-STREET.MIT.EDU [18.7.21.86]) by grand-central-station.mit.edu (8.9.2/8.9.2) with ESMTP id PAA08604 for ; Mon, 11 Jun 2001 15:38:43 -0400 (EDT) Received: from [18.18.0.128] (ORDER.MIT.EDU [18.18.0.128]) by melbourne-city-street.mit.edu (8.9.2/8.9.2) with ESMTP id PAA18306 for ; Mon, 11 Jun 2001 15:38:42 -0400 (EDT) Mime-Version: 1.0 X-Sender: ted@po12.mit.edu Message-Id: In-Reply-To: <200106111859.LAA23341@scv3.apple.com> References: <200106111859.LAA23341@scv3.apple.com> Date: Mon, 11 Jun 2001 15:37:38 -0400 To: port-darwin@openafs.org From: Ted McCabe Subject: Re: [OpenAFS-port-darwin] configuring openafs under MacOS 10 Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 11:59 AM -0700 6/11/01, Shantonu Sen wrote: >> I would do something along these lines. Have a configuration >> setting which says *which* cells should be added at system >> startup, and then something else which can be used to parse >> the "CellServDB.full" file and execute 'fs newcell' commands >> to bring up cells on the fly as the user requests them. > >So cells could be marked as boot-time-active or not, and those cells >would get written out to CellServDB. Additionally, cells can be >activated dynamically, but they wouldn't be started on next boot? > >This seems reasonable. Would we use another file to track this? I >don't like the thought of checking each cell to see if it has been >activated, so I'd prefer the have the info written to a file. > >Shantonu For a central admin, keeping a CellServDB (used at boot time) and CellServDB.full (used for reference) is likely the easiest route, plus any auxiliary files to keep the scripts/tools from being too complex. First question: Is this going to be a two-part tool, i.e. a GUI wrapper for a command-line prog? If so, then the command-line prog/script could be used by admins of clients that aren't Macs. Second question: any thoughts as to how to manage this when AFSDB RR comes out? I'd hate for an interface that prunes the CellServDB to be developed only to become meaningless if the Finder can still look up cell info over DNS. A related question: this list maintenance is similar to Athena's config_afs script, which has both the site's preferred CellServDB.public and a client's local additions in CellServDB.local. It also manages the list of which cells he client can trust suid. Will this tool behave similarly? --Ted From centuri@mac.com Wed Jun 13 11:06:12 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.umr.edu (mrelay.cc.umr.edu [131.151.1.89]) by grand.central.org (Postfix) with ESMTP id 339B29C25 for ; Wed, 13 Jun 2001 11:06:12 -0400 (EDT) Received: from [131.151.32.145] (os9.cc.umr.edu [131.151.32.145]) via ESMTP by mrelay.cc.umr.edu (8.9.3/R.4.20) id KAA00782; Wed, 13 Jun 2001 10:06:10 -0500 Mime-Version: 1.0 X-Sender: centuri@mail.mac.com Message-Id: Date: Wed, 13 Jun 2001 10:06:46 -0500 To: port-darwin@openafs.org From: Robert Phelan Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] Installer Package Broken? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I've just recently tried to install the latest OpenAFS package for MacOSX, and it's continually hanging on "Running Installer Script" Anyone else run into this problem? I've been able to install/configure it before without too much trouble It's just when I've tried it recently that it's been acting up. Thanks Robert -- ----------------------------------------------------------------- Robert Phelan University Missouri Rolla Macintosh Development Analyst rjp231@umr.edu "If it's not on fire, you haven't clocked it high enough" ----------------------------------------------------------------- From ssen@mit.edu Wed Jun 13 12:26:11 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail-out1.apple.com (mail-out1.apple.com [17.254.0.52]) by grand.central.org (Postfix) with ESMTP id 924619C25 for ; Wed, 13 Jun 2001 12:26:10 -0400 (EDT) Received: from apple.con (A17-128-100-225.apple.com [17.128.100.225]) by mail-out1.apple.com (8.9.3/8.9.3) with ESMTP id JAA22072 for ; Wed, 13 Jun 2001 09:26:09 -0700 (PDT) Received: from scv1.apple.com (scv1.apple.com) by apple.con (Content Technologies SMTPRS 4.2.1) with ESMTP id ; Wed, 13 Jun 2001 09:24:27 +0100 Received: from ssen (ssen.apple.com [17.203.12.194]) by scv1.apple.com (8.9.3/8.9.3) with ESMTP id JAA21055; Wed, 13 Jun 2001 09:26:08 -0700 (PDT) Message-Id: <200106131626.JAA21055@scv1.apple.com> Date: Wed, 13 Jun 2001 09:26:03 -0700 From: Shantonu Sen Content-Type: text/plain; format=flowed; charset=us-ascii Subject: Re: [OpenAFS-port-darwin] Installer Package Broken? Cc: port-darwin@openafs.org To: Robert Phelan X-Mailer: Apple Mail (2.388) In-Reply-To: Mime-Version: 1.0 (Apple Message framework v388) Content-Transfer-Encoding: 7bit Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Robert, I thought a new package had been uploaded which fixed this problem. perhaps not. Anway, navigate into the OpenAFS.pkg in a terminal: [ssen:~] ssen% cd OpenAFS.pkg/Contents/Resources/ [ssen:OpenAFS.pkg/Contents/Resources] ssen% ls -al total 37672 drwxr-xr-x 9 ssen admin 262 Jun 13 09:23 . drwxr-xr-x 3 ssen admin 58 Jun 13 09:22 .. -r--r--r-- 1 ssen admin 12972 Apr 25 06:42 License.rtf -rw-r--r-- 1 ssen admin 38674 Apr 25 06:42 OpenAFS.bom -r--r--r-- 1 ssen admin 235 Apr 25 06:42 OpenAFS.info -r--r--r-- 1 ssen admin 19212886 Apr 25 06:42 OpenAFS.pax.gz -r--r--r-- 1 ssen admin 94 Apr 25 06:42 OpenAFS.post_install -rw-r--r-- 1 ssen admin 54 Apr 25 06:43 OpenAFS.sizes -r--r--r-- 1 ssen admin 919 Apr 25 06:42 ReadMe.rtf [ssen:OpenAFS.pkg/Contents/Resources] ssen% chmod 755 OpenAFS.post_install Then delete /Library/Receipts/OpenAFS.pkg, /Library/OpenAFS, and /var/db/openafs, and reinstall the package. Shantonu On Wednesday, June 13, 2001, at 08:06 AM, Robert Phelan wrote: > I've just recently tried to install the latest OpenAFS package for MacOSX, > and it's continually hanging on "Running Installer Script" Anyone else > run into this problem? I've been able to install/configure it before > without too much trouble It's just when I've tried it recently that it's > been acting up. > > Thanks > Robert > -- ----------------------------------------------------------------- > Robert Phelan University Missouri Rolla > Macintosh Development Analyst rjp231@umr.edu > "If it's not on fire, you haven't clocked it high enough" > ----------------------------------------------------------------- > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin From grahamf@cats.ucsc.edu Wed Jun 13 15:05:56 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from cats.ucsc.edu (rumpleteazer.ucsc.edu [128.114.129.45]) by grand.central.org (Postfix) with ESMTP id E7D519C22 for ; Wed, 13 Jun 2001 15:05:55 -0400 (EDT) Received: from manray.ic.ucsc.edu (grahamf@manray.ic.ucsc.edu [128.114.129.200]) by cats.ucsc.edu (8.9.3/8.8.4.cats-athena) with ESMTP id MAA01982 for ; Wed, 13 Jun 2001 12:05:58 -0700 (PDT) Received: from localhost (grahamf@localhost) by manray.ic.ucsc.edu (8.10.1/8.10.1) with ESMTP id f5DJ5r210288 for ; Wed, 13 Jun 2001 12:05:53 -0700 (PDT) X-Authentication-Warning: manray.ic.ucsc.edu: grahamf owned process doing -bs Date: Wed, 13 Jun 2001 12:05:53 -0700 (PDT) From: Graham Freeman X-X-Sender: To: Subject: Re: [OpenAFS-port-darwin] Installer Package Broken? In-Reply-To: <20010613160103.D018E9C3D@grand.central.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: > Message: 1 > Date: Wed, 13 Jun 2001 10:06:46 -0500 > To: port-darwin@openafs.org > From: Robert Phelan > Subject: [OpenAFS-port-darwin] Installer Package Broken? > > I've just recently tried to install the latest OpenAFS package for > MacOSX, and it's continually hanging on "Running Installer Script" > Anyone else run into this problem? I've been able to > install/configure it before without too much trouble It's just when > I've tried it recently that it's been acting up. > > Thanks > Robert > -- > ----------------------------------------------------------------- > Robert Phelan University Missouri Rolla > Macintosh Development Analyst rjp231@umr.edu > "If it's not on fire, you haven't clocked it high enough" > ----------------------------------------------------------------- I had the same problem when initially trying the OpenAFS 1.0.4 client on a G3 running OS X 10.0.3. Since reinstalling from scratch (for unrelated reasons), I have yet to encounter the problem again. I never figured out why, but I did have the same problem. -- Graham Freeman UNIX Systems Manager CATS-Instructional Computing tel: +1 831 459 2472 U.C. Santa Cruz, CA, USA http://ic.ucsc.edu/staff/grahamf/ From cg2v+@andrew.cmu.edu Wed Jun 13 19:28:41 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from po10.andrew.cmu.edu (PO10.ANDREW.CMU.EDU [128.2.10.110]) by grand.central.org (Postfix) with ESMTP id 57C169BD1 for ; Wed, 13 Jun 2001 19:28:41 -0400 (EDT) Received: (from postman@localhost) by po10.andrew.cmu.edu (8.9.3/8.9.3) id TAA00959 for port-darwin@openafs.org; Wed, 13 Jun 2001 19:28:39 -0400 (EDT) Received: via switchmail; Wed, 13 Jun 2001 19:28:39 -0400 (EDT) Received: from sphinx.andrew.cmu.edu via qmail ID ; Wed, 13 Jun 2001 19:27:19 -0400 (EDT) Received: from sphinx.andrew.cmu.edu via qmail ID ; Wed, 13 Jun 2001 19:27:19 -0400 (EDT) Received: from mms.4.60.Apr..3.2000.21.32.31.i386.Linux.22.EzMail.2.0.CUILIB.3.45.SNAP.NOT.LINKED.sphinx.andrew.cmu.edu.i386.linux22 via MS.5.6.sphinx.andrew.cmu.edu.i386_Linux_22; Wed, 13 Jun 2001 19:27:19 -0400 (EDT) Message-ID: <0v9zPL5z0001QiedhK@andrew.cmu.edu> Date: Wed, 13 Jun 2001 19:27:19 -0400 (EDT) From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] Installer Package Broken? Cc: In-Reply-To: <200106131626.JAA21055@scv1.apple.com> References: <200106131626.JAA21055@scv1.apple.com> Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Excerpts from internet.computing.openafs.port-darwin: 13-Jun-101 Re: [OpenAFS-port-darwin] I.. by Shantonu Sen@mit.edu > I thought a new package had been uploaded which fixed this problem. > perhaps not. Anway, navigate into the OpenAFS.pkg in a terminal: A new package had been released. The maintainer of the webserver regressed some files because of a problem with rsync corrupting some other files. The fixed package has been restored. From thomasv@apple.com Thu Jun 14 03:02:35 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail-out2.apple.com (mail-out2.apple.com [17.254.0.51]) by grand.central.org (Postfix) with ESMTP id 3C7F19BD1 for ; Thu, 14 Jun 2001 03:02:35 -0400 (EDT) Received: from apple.com (A17-129-100-225.apple.com [17.129.100.225]) by mail-out2.apple.com (8.9.3/8.9.3) with ESMTP id AAA21606 for ; Thu, 14 Jun 2001 00:02:34 -0700 (PDT) Received: from scv3.apple.com (scv3.apple.com) by apple.com (Content Technologies SMTPRS 4.2.1) with ESMTP id ; Thu, 14 Jun 2001 00:02:33 -0700 Received: from gala.apple.com (gala.apple.com [17.128.120.34]) by scv3.apple.com (8.9.3/8.9.3) with ESMTP id AAA15969; Thu, 14 Jun 2001 00:02:33 -0700 (PDT) Date: Thu, 14 Jun 2001 00:02:33 -0700 (PDT) From: Thomas Vincent - 409-974-3678 To: Graham Freeman Cc: Subject: Re: [OpenAFS-port-darwin] Installer Package Broken? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hi, There was bug in the original installer that caused the installation to hang. The newer installer on http://www.openafs.org works fine. Cheeers, Thomas Vincent Apple IS&T On Wed, 13 Jun 2001, Graham Freeman wrote: > > > Message: 1 > > Date: Wed, 13 Jun 2001 10:06:46 -0500 > > To: port-darwin@openafs.org > > From: Robert Phelan > > Subject: [OpenAFS-port-darwin] Installer Package Broken? > > > > I've just recently tried to install the latest OpenAFS package for > > MacOSX, and it's continually hanging on "Running Installer Script" > > Anyone else run into this problem? I've been able to > > install/configure it before without too much trouble It's just when > > I've tried it recently that it's been acting up. > > > > Thanks > > Robert > > -- > > ----------------------------------------------------------------- > > Robert Phelan University Missouri Rolla > > Macintosh Development Analyst rjp231@umr.edu > > "If it's not on fire, you haven't clocked it high enough" > > ----------------------------------------------------------------- > > > I had the same problem when initially trying the OpenAFS 1.0.4 client on a > G3 running OS X 10.0.3. Since reinstalling from scratch (for unrelated > reasons), I have yet to encounter the problem again. > > I never figured out why, but I did have the same problem. > > > -- > > Graham Freeman UNIX Systems Manager > CATS-Instructional Computing tel: +1 831 459 2472 > U.C. Santa Cruz, CA, USA http://ic.ucsc.edu/staff/grahamf/ > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin > From drosih@rpi.edu Thu Jun 14 18:45:24 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by grand.central.org (Postfix) with ESMTP id BC3399C21 for ; Thu, 14 Jun 2001 18:45:24 -0400 (EDT) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f5ENjNO64482; Thu, 14 Jun 2001 19:45:23 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: References: <200106111640.JAA06856@scv3.apple.com> Date: Thu, 14 Jun 2001 19:45:20 -0400 To: Shantonu Sen , port-darwin@openafs.org From: Garance A Drosihn Subject: Re: [OpenAFS-port-darwin] configuring openafs under MacOS 10 Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 2:41 PM -0400 6/11/01, Garance A Drosihn wrote: >At 9:40 AM -0700 6/11/01, Shantonu Sen wrote: >>3) Store the full CellServDB in CellServDB-format as >> "/var/db/openafs/etc/CellServDB.full". This will include >> both active and inactive cells, and the inactive ones can >> be determined by seeing what *doesn't* exist in the >> "/var/db/openafs/etc/CellServDB". > >I would do something along these lines. Have a configuration >setting which says *which* cells should be added at system >startup, and then something else which can be used to parse >the "CellServDB.full" file and execute 'fs newcell' commands >to bring up cells on the fly as the user requests them. > >I have a rough setup using a perl script that I use for my >own purposes, but it isn't quite "user-friendly" yet... As I mentioned on one of the other openafs lists, this perl script is now available for anyone curious about it. It assumes that the "full" CellServDB is in 'CellServDB.orig'. I suspect that many people have written somewhat similar scripts, although maybe they haven't had the same ideas in mind as I did when writing this. I originally intended to have this script also CREATE the "trimmed-down client CellServDB", but I haven't done that yet. It's always been easier to get the initial DB by just copying a real one and deleting the lines I didn't care about. If you change the script so the 'is_domain' and 'isin_domain' arrays were initialized from $ENV, then it could be readily used as a generic automatic script. Maybe run it once a day, to recreate the "trimmed down DB" and refresh the cell-info for any cells in that list which had changed since the previous run. Then add some way for users to see what cells they might want to add, and a privileged process to add them. I already know basically what I want to change in this script to make all that possible, I just haven't had a big need to do it yet. Let me know if people would be interested in seeing me add these things. I hope to get openafs or ARLA up on my freebsd boxes soon, and between that and openAFS for MacOS 10, I'll have a lot more reason to work on these ideas. Anyway, it's available at: ftp://freefour.acs.rpi.edu/pub/openafs/reset_afs_cells It assumes perl is in /usr/bin/perl, because that's where it is on MacOS 10... -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu From srb@umich.edu Mon Oct 8 09:12:30 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from changeofhabit.mr.itd.umich.edu (changeofhabit.mr.itd.umich.edu [141.211.144.17]) by grand.central.org (Postfix) with ESMTP id 216119BE1 for ; Mon, 8 Oct 2001 09:12:30 -0400 (EDT) Received: from srb.icpsr.umich.edu (srb.icpsr.umich.edu [141.211.192.183]) by changeofhabit.mr.itd.umich.edu (8.9.3/3.2r) with ESMTP id PAA28562 for ; Mon, 8 Oct 2001 15:54:54 -0400 (EDT) Date: Mon, 08 Oct 2001 15:54:53 -0400 From: Steve Burling To: port-darwin@openafs.org Message-ID: <6433633.1002556493@srb.icpsr.umich.edu> X-Mailer: Mulberry/2.1.0 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: [OpenAFS-port-darwin] Mac OS X 10.1 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Is anyone actively working on Darwin 1.4.1 support? -- Steve ----------------------------------------------------------------------- Steve Burling University of Michigan, ICPSR Voice: +1 734 998.9873 311 Maynard Street FAX: +1 734 998.9905 Ann Arbor, MI 48104-2211 From centuri@rollanet.org Thu May 24 17:40:10 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mx.rollanet.org (mailsrv.rollanet.org [192.55.114.7]) by grand.central.org (Postfix) with SMTP id 40C7C9BCA for ; Thu, 24 May 2001 17:40:10 -0400 (EDT) Received: (qmail 24798 invoked from network); 24 May 2001 21:40:09 -0000 Received: from pkrh-dc-g9-as5200-async24.network.umr.edu (HELO ?131.151.65.74?) (131.151.65.74) by mx.rollanet.org with SMTP; 24 May 2001 21:40:09 -0000 Message-Id: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Thu, 24 May 2001 16:40:19 -0500 To: port-darwin@openafs.org From: Robert Phelan Subject: [OpenAFS-port-darwin] OSXServer Problem Solved. Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I had sent this out earlier, but it seems to have gotten munched somewhere along the line: This case was a good example of why you should try to be awake while working. In /var/db/openafs/etc/config/afsd.options I had displaced the A and the E in dAEmon. Can't believe I spent 2 hours trying to figure that one out. I switched them and everything came alive the way it should, so it would seem that the current pkg installer is compatable with OSX Server 2.0 after all. Also, after a reinstall of the server software, the openafs installer stopped hanging on Optimizing System Performace, so that's a go as well. Thanks a lot to those who replied, if I hadn't finally caught that, I wasn't sure what I was going to do. Now the next step is to get kerberos working and then maybe, that combined with NIS and the now working OpenAFS client, I'll be able to log into this OSX machine like I would any other Unix box on campus. Thanks again. Robert From ahltorp@nada.kth.se Mon Jun 4 09:22:36 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from ahltorp.nada.kth.se (ahltorp.nada.kth.se [130.237.7.99]) by grand.central.org (Postfix) with ESMTP id 5B2949BCF for ; Mon, 4 Jun 2001 09:22:35 -0400 (EDT) Received: (from ahltorp@localhost) by ahltorp.nada.kth.se (8.8.8+Sun/8.8.7) id PAA12882; Mon, 4 Jun 2001 15:22:32 +0200 (MET DST) X-Authentication-Warning: ahltorp.nada.kth.se: ahltorp set sender to ahltorp@nada.kth.se using -f To: port-darwin@openafs.org From: Magnus Ahltorp Content-Type: text/plain; charset="iso-8859-1" Content-Language: en Date: 04 Jun 2001 15:22:31 +0200 Message-ID: Lines: 12 User-Agent: Gnus/5.0807 (Gnus v5.8.7) Emacs/20.7 MIME-Version: 1.0 Subject: [OpenAFS-port-darwin] Arla configuration tool Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I'm not on the list, but I heard that people were looking at creating a GUI for Mac OS X. I have made a GUI for Arla, which is available in the upcoming 0.35.4 release (pre versions are available). It's Cocoa based, and uses the Authorization API to start and stop things. http://www.stacken.kth.se/projekt/arla/ /Magnus From cc@137.org Mon Sep 3 03:45:51 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from gypsy.vrac.iastate.edu (gypsy.vrac.iastate.edu [129.186.232.122]) by grand.central.org (Postfix) with ESMTP id 26C8D9BDC for ; Mon, 3 Sep 2001 03:45:51 -0400 (EDT) Received: from death.scl.ameslab.gov (death.scl.ameslab.gov [147.155.137.56]) by gypsy.vrac.iastate.edu (Postfix) with ESMTP id CB85A3EA for ; Mon, 3 Sep 2001 02:45:50 -0500 (CDT) Date: Mon, 3 Sep 2001 02:45:50 -0500 (CDT) From: Chris Csanady To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: [OpenAFS-port-darwin] OpenAFS and cddafs.. Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hi, I recently installed OpenAFS 1.1.1 on MacOS X 1.0.4, and the issues with OpenAFS conflicting with cddafs, etc, still exist. Has there been any work to determine the cause of this problem? Any easy fixes? Thanks, Chris From cg2v+@andrew.cmu.edu Mon Oct 8 19:36:51 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from po10.andrew.cmu.edu (PO10.ANDREW.CMU.EDU [128.2.10.110]) by grand.central.org (Postfix) with ESMTP id 1F8DD9BDB for ; Mon, 8 Oct 2001 19:36:51 -0400 (EDT) Received: (from postman@localhost) by po10.andrew.cmu.edu (8.9.3/8.9.3) id TAA00959 for port-darwin@openafs.org; Mon, 8 Oct 2001 19:36:47 -0400 (EDT) Received: via switchmail; Mon, 8 Oct 2001 19:36:47 -0400 (EDT) Received: from sphinx.andrew.cmu.edu via qmail ID ; Mon, 8 Oct 2001 19:36:31 -0400 (EDT) Received: from sphinx.andrew.cmu.edu via qmail ID ; Mon, 8 Oct 2001 19:36:30 -0400 (EDT) Received: from mms.4.60.Jul.16.2001.15.18.20.i386.Linux.22.EzMail.2.0.CUILIB.3.45.SNAP.NOT.LINKED.sphinx.andrew.cmu.edu.i386.linux22 via MS.5.6.sphinx.andrew.cmu.edu.i386_Linux_22; Mon, 8 Oct 2001 19:36:30 -0400 (EDT) Message-ID: <4vkXVyxz0001AMqOIW@andrew.cmu.edu> Date: Mon, 8 Oct 2001 19:36:30 -0400 (EDT) From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] Mac OS X 10.1 Cc: In-Reply-To: <6433633.1002556493@srb.icpsr.umich.edu> References: <6433633.1002556493@srb.icpsr.umich.edu> Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Excerpts from internet.computing.openafs.port-darwin: 8-Oct-101 [OpenAFS-port-darwin] Mac O.. by Steve Burling@umich.edu > Is anyone actively working on Darwin 1.4.1 support? I am not. I don't really have the time right now, and my employers aren't as interested in spending resources on OS X as they once were. From rrhill@ucdavis.edu Tue Oct 16 18:41:31 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from grover.ucdavis.edu (grover.ucdavis.edu [169.237.105.4]) by grand.central.org (Postfix) with ESMTP id 981159C02 for ; Tue, 16 Oct 2001 18:41:30 -0400 (EDT) Received: from [169.237.55.35] (webmaster.engineering.ucdavis.edu [169.237.55.35]) by grover.ucdavis.edu (8.11.4/8.11.0/IT4.4.9) with ESMTP id f9GMegF13950 for ; Tue, 16 Oct 2001 15:41:28 -0700 (PDT) Mime-Version: 1.0 X-Sender: rrhill@mailbox.ucdavis.edu Message-Id: X-Priority: 1 (Highest) Date: Tue, 16 Oct 2001 15:40:33 -0700 To: port-darwin@openafs.org From: Rick Hill Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] OSX 10.1 Help Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: OK. I updated to 10.1 and I lost AFS. I removed the older version and reinstalled the 1.2.2 binary. All goes well. On boot I can see the message saying it is starting OpenAFS. However, I can't connect to AFS space any more. I did my initial install many moons ago and uncharacteristically do not have my original installation notes. I kept a copy of the /private/var/db/openafs/etc directory so the cell configuration is the same. Do I need to edit something in the hostconfig or other file to get AFS space to mount? Or doe 1.2.2 not support 10.1? I am not running as a server. I just need to mount the local campus AFS cells. -- ____________________________________________________________ Rick Hill Webmaster ============== Academic Computing Services Office: (530) 752-1616 College of Engineering FAX: (530) 752-4465 One Shields Avenue Email: rrhill@ucdavis.edu Davis, CA 95616-5293 ____________________________________________________________ U N I V E R S I T Y O F C A L I F O R N I A, D A V I S ____________________________________________________________ From rrhill@ucdavis.edu Tue Oct 16 19:54:21 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from grover.ucdavis.edu (grover.ucdavis.edu [169.237.105.4]) by grand.central.org (Postfix) with ESMTP id 47BE89C02 for ; Tue, 16 Oct 2001 19:54:21 -0400 (EDT) Received: from [169.237.55.35] (webmaster.engineering.ucdavis.edu [169.237.55.35]) by grover.ucdavis.edu (8.11.4/8.11.0/IT4.4.9) with ESMTP id f9GNsKF09524; Tue, 16 Oct 2001 16:54:20 -0700 (PDT) Mime-Version: 1.0 X-Sender: rrhill@mailbox.ucdavis.edu Message-Id: X-Priority: 1 (Highest) Date: Tue, 16 Oct 2001 16:53:01 -0700 To: port-darwin@openafs.org From: Rick Hill Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] OSX 10.1 Help Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: More. I ran the OpenAFS stratup script directly from the CLI and got the following: [Library/StartupItems/OpenAFS] root# ./OpenAFS Loading AFS kernel extensions Installed version 1.0.0b1 of dependency com.apple.kernel.bsd is not compatible with extension org.openafs.filesystems.afs. Error loading module: one or more dependencies lack compatible versions. AFS kernel extensions failed to initialize. Skipping AFS startup. >OK. I updated to 10.1 and I lost AFS. I removed the older version >and reinstalled the 1.2.2 binary. All goes well. On boot I can see >the message saying it is starting OpenAFS. However, I can't connect >to AFS space any more. I did my initial install many moons ago and >uncharacteristically do not have my original installation notes. I >kept a copy of the /private/var/db/openafs/etc directory so the cell >configuration is the same. Do I need to edit something in the >hostconfig or other file to get AFS space to mount? Or doe 1.2.2 >not support 10.1? I am not running as a server. I just need to >mount the local campus AFS cells. -- ____________________________________________________________ Rick Hill Webmaster ============== Academic Computing Services Office: (530) 752-1616 College of Engineering FAX: (530) 752-4465 One Shields Avenue Email: rrhill@ucdavis.edu Davis, CA 95616-5293 ____________________________________________________________ U N I V E R S I T Y O F C A L I F O R N I A, D A V I S ____________________________________________________________ From jackson@CMU.EDU Wed Oct 17 10:37:48 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.ANDREW.CMU.EDU [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id 4CDBC9C02 for ; Wed, 17 Oct 2001 10:37:48 -0400 (EDT) Received: from SARATOGA.CC.CMU.EDU (SARATOGA.CC.CMU.EDU [128.2.120.70]) by smtp5.andrew.cmu.edu (8.12.0.Beta16/8.12.0.Beta16) with ESMTP id f9HEbksV027672; Wed, 17 Oct 2001 10:37:46 -0400 Date: Wed, 17 Oct 2001 10:37:47 -0400 Subject: Re: [OpenAFS-port-darwin] OSX 10.1 Help Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v472) Cc: port-darwin@openafs.org To: Rick Hill From: Joseph Jackson In-Reply-To: Message-Id: <88D93496-C30C-11D5-A8C6-003065F31D64@CMU.EDU> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.472) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: The OpenAFS distribution doesn't work on Mac OS X 10.1. Apple made substantial kernel changes so the OpenAFS client will need source code modifications before it will work on 10.1. We haven't scheduled anyone to take on that task yet, so I can't say when an updated distribution will be available. I'm trying to get info on what was changed so we can at least make plans to update the port. I'll post again when I know more. Joe Jackson, Carnegie Mellon University. From Massimo_Marino@lbl.gov Wed Oct 17 12:24:58 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from postal2.lbl.gov (postal2.lbl.gov [131.243.248.26]) by grand.central.org (Postfix) with ESMTP id 74DB89C02 for ; Wed, 17 Oct 2001 12:24:58 -0400 (EDT) Received: from SpamWall.lbl.gov (localhost [127.0.0.1]) by postal2.lbl.gov (8.11.2/8.11.2) with ESMTP id f9HGOvk22415 for ; Wed, 17 Oct 2001 09:24:57 -0700 (PDT) Received: from [137.138.245.177] (isdnp6.cern.ch [137.138.245.166]) by SpamWall.lbl.gov (8.11.2/8.11.2) with ESMTP id f9HGOtS22411 for ; Wed, 17 Oct 2001 09:24:55 -0700 (PDT) Mime-Version: 1.0 X-Sender: Massimo_Marino@imap4.lbl.gov (Unverified) Message-Id: In-Reply-To: <20011017160102.95E9A9C16@grand.central.org> References: <20011017160102.95E9A9C16@grand.central.org> Date: Wed, 17 Oct 2001 18:25:26 +0200 To: port-darwin@openafs.org From: Massimo Marino Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #18 - 3 msgs Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: OpenAFS does NOT run on Mac OS X (release 10.1) in that it is aimed at old version Darwin 1.3 OS X 10.1 runs on Darwin 1.4 . Install Arla instead: the support for Darwin is 100% and their AFS client/server installation works perfectly with 10.1 . http://www.stacken.kth.se/projekt/arla/ Cheers > >Today's Topics: > > 1. OSX 10.1 Help (Rick Hill) > 2. OSX 10.1 Help (Rick Hill) > 3. Re: OSX 10.1 Help (Joseph Jackson) > >--__--__-- > >Message: 1 >Date: Tue, 16 Oct 2001 15:40:33 -0700 >To: port-darwin@openafs.org >From: Rick Hill >Subject: [OpenAFS-port-darwin] OSX 10.1 Help > >OK. I updated to 10.1 and I lost AFS. I removed the older version >and reinstalled the 1.2.2 binary. All goes well. On boot I can see >the message saying it is starting OpenAFS. However, I can't connect >to AFS space any more. I did my initial install many moons ago and >uncharacteristically do not have my original installation notes. I >kept a copy of the /private/var/db/openafs/etc directory so the cell >configuration is the same. Do I need to edit something in the >hostconfig or other file to get AFS space to mount? Or doe 1.2.2 not >support 10.1? I am not running as a server. I just need to mount >the local campus AFS cells. >-- >____________________________________________________________ > Rick Hill > Webmaster > ============== > Academic Computing Services Office: (530) 752-1616 > College of Engineering FAX: (530) 752-4465 > One Shields Avenue Email: rrhill@ucdavis.edu > Davis, CA 95616-5293 >____________________________________________________________ > U N I V E R S I T Y O F C A L I F O R N I A, D A V I S >____________________________________________________________ > >--__--__-- > >Message: 2 >Date: Tue, 16 Oct 2001 16:53:01 -0700 >To: port-darwin@openafs.org >From: Rick Hill >Subject: [OpenAFS-port-darwin] OSX 10.1 Help > >More. I ran the OpenAFS stratup script directly from the CLI and got >the following: > >[Library/StartupItems/OpenAFS] root# ./OpenAFS >Loading AFS kernel extensions >Installed version 1.0.0b1 of dependency com.apple.kernel.bsd is not >compatible with extension org.openafs.filesystems.afs. >Error loading module: one or more dependencies lack compatible versions. >AFS kernel extensions failed to initialize. Skipping AFS startup. > >>OK. I updated to 10.1 and I lost AFS. I removed the older version >>and reinstalled the 1.2.2 binary. All goes well. On boot I can see >>the message saying it is starting OpenAFS. However, I can't connect >>to AFS space any more. I did my initial install many moons ago and >>uncharacteristically do not have my original installation notes. I >>kept a copy of the /private/var/db/openafs/etc directory so the cell >>configuration is the same. Do I need to edit something in the >>hostconfig or other file to get AFS space to mount? Or doe 1.2.2 >>not support 10.1? I am not running as a server. I just need to >>mount the local campus AFS cells. >-- >____________________________________________________________ > Rick Hill > Webmaster > ============== > Academic Computing Services Office: (530) 752-1616 > College of Engineering FAX: (530) 752-4465 > One Shields Avenue Email: rrhill@ucdavis.edu > Davis, CA 95616-5293 >____________________________________________________________ > U N I V E R S I T Y O F C A L I F O R N I A, D A V I S >____________________________________________________________ > >--__--__-- > >Message: 3 >Date: Wed, 17 Oct 2001 10:37:47 -0400 >Subject: Re: [OpenAFS-port-darwin] OSX 10.1 Help >Cc: port-darwin@openafs.org >To: Rick Hill >From: Joseph Jackson > >The OpenAFS distribution doesn't work on Mac OS X 10.1. Apple made >substantial kernel changes so the OpenAFS client will need source code >modifications before it will work on 10.1. We haven't scheduled anyone >to take on that task yet, so I can't say when an updated distribution >will be available. I'm trying to get info on what was changed so we can >at least make plans to update the port. I'll post again when I know more. > >Joe Jackson, >Carnegie Mellon University. > > > >--__--__-- > >_______________________________________________ >port-darwin mailing list >port-darwin@openafs.org >https://lists.openafs.org/mailman/listinfo/port-darwin > > >End of port-darwin Digest -- Massimo Marino NERSC Division - HPC Department - Lawrence Berkeley National Laboratory http://www.slac.stanford.edu/~marino On leave at CERN, CH, EP Division, Atlas experiment phone: (+41) 22 767-72997 & 767-71292 fax: (+41) 22 767-8350 Office: 2-R004 & 40-3-C02 alternate email: marino@mail.cern.ch or Massimo.Fabio.Marino@cern.ch From shetomv@pacbell.net Fri Oct 19 02:20:41 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from pltn13.pbi.net (mta7.pltn13.pbi.net [64.164.98.8]) by grand.central.org (Postfix) with ESMTP id 026E89BDD for ; Fri, 19 Oct 2001 02:20:40 -0400 (EDT) Received: from [64.160.47.25] by mta7.pltn13.pbi.net (iPlanet Messaging Server 5.1 (built May 7 2001)) with ESMTP id <0GLF00AQRWA4RR@mta7.pltn13.pbi.net> for port-darwin@openafs.org; Thu, 18 Oct 2001 23:20:28 -0700 (PDT) Date: Thu, 18 Oct 2001 23:15:24 -0700 From: Thomas Vincent Subject: Re: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #18 - 3 msgs In-reply-to: To: Massimo Marino , port-darwin@openafs.org Message-id: MIME-version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT User-Agent: Microsoft-Entourage/9.0.1.3108 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: On 10/17/01 9:25 AM, "Massimo Marino" wrote: > OpenAFS does NOT run on Mac OS X (release 10.1) in that it is aimed > at old version Darwin 1.3 > > OS X 10.1 runs on Darwin 1.4 . > > Install Arla instead: the support for Darwin is 100% and their AFS > client/server installation works perfectly with 10.1 . > > http://www.stacken.kth.se/projekt/arla/ It works but Arla's performance generally lags behind AFS. From shetomv@pacbell.net Fri Oct 19 02:28:41 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from pltn13.pbi.net (mta7.pltn13.pbi.net [64.164.98.8]) by grand.central.org (Postfix) with ESMTP id ECB3A9BDD for ; Fri, 19 Oct 2001 02:28:40 -0400 (EDT) Received: from [64.160.47.25] by mta7.pltn13.pbi.net (iPlanet Messaging Server 5.1 (built May 7 2001)) with ESMTP id <0GLF00AT6WNRPY@mta7.pltn13.pbi.net> for port-darwin@openafs.org; Thu, 18 Oct 2001 23:28:39 -0700 (PDT) Date: Thu, 18 Oct 2001 23:28:39 -0700 From: Thomas Vincent Subject: Re: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #18 - 3 msgs In-reply-to: To: Massimo Marino , port-darwin@openafs.org Message-id: MIME-version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT User-Agent: Microsoft-Entourage/9.0.1.3108 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I should qualify my statement a little. The Arla stuff resides outside the kernel , atleast it did the last time I used it. Therefore you don't get the same performance you do with AFS. When Arla works on 10.1, and AFS doesn't. There is not much of a choice. Cheers, Thomas Vincent On 10/18/01 11:15 PM, "Thomas Vincent" wrote: > On 10/17/01 9:25 AM, "Massimo Marino" wrote: > >> OpenAFS does NOT run on Mac OS X (release 10.1) in that it is aimed >> at old version Darwin 1.3 >> >> OS X 10.1 runs on Darwin 1.4 . >> >> Install Arla instead: the support for Darwin is 100% and their AFS >> client/server installation works perfectly with 10.1 . >> >> http://www.stacken.kth.se/projekt/arla/ > > It works but Arla's performance generally lags behind AFS. > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin From arosenbl@mac.com Fri Oct 19 19:43:12 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtpout.mac.com (unknown [204.179.120.86]) by grand.central.org (Postfix) with ESMTP id E1BEC9BDD for ; Fri, 19 Oct 2001 19:43:11 -0400 (EDT) Received: from smtp-relay01.mac.com (smtp-relay01-qfe3 [10.13.10.224]) by smtpout.mac.com (8.10.2/8.10.2/1.0) with ESMTP id f9JNh3U16210 for ; Fri, 19 Oct 2001 16:43:03 -0700 (PDT) Received: from asmtp01.mac.com ([10.13.10.65]) by smtp-relay01.mac.com (Netscape Messaging Server 4.15 relay01 Jun 21 2001 23:53:48) with ESMTP id GLH8JT00.UU5 for ; Fri, 19 Oct 2001 16:43:05 -0700 Received: from localhost ([66.41.125.11]) by asmtp01.mac.com (Netscape Messaging Server 4.15 asmtp01 Jun 21 2001 23:53:48) with ESMTP id GLH8JS00.QAA for ; Fri, 19 Oct 2001 16:43:04 -0700 Date: Fri, 19 Oct 2001 19:43:04 -0400 Mime-Version: 1.0 (Apple Message framework v472) Content-Type: text/plain; charset=US-ASCII; format=flowed From: Aaron Rosenblum To: port-darwin@openafs.org Content-Transfer-Encoding: 7bit Message-Id: <0A88829B-C4EB-11D5-910B-003065D63730@mac.com> X-Mailer: Apple Mail (2.472) Subject: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #18 - 3 msgs Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I have been playing with Arla on MacOS 10.1. It builds with kth-krb, but not with MIT KfM. MIT KfM 4.0 is now the official kerberos implementation on MacOS X and to get Arla to work with KfM one needs to build it with a library called krbafs. Unfortunately (to my knowledge) it appears that 'krbafs' has not been updated in a matter of years, and thus is not aware of MacOS X in the configure script. There may be some other issues as well. here is the page for krb-afs: http://asg.web.cmu.edu/andrew2/dist/krbafs.html It appears to be maintained at CMU. Does anyone know the status of this piece of code, and if anyone is working on getting it running on MacOS 10.1? It would seem that once this happens, Arla will function on MacOS 10.1 with the built in KfM. Users would then be able to use the kerberos login authenticator to log into a MacOS 10.1 box and maintain their Home directory on AFS, thus allowing MacOS 10.1 to work in a lab environment. Aaron Rosenblum University of Michigan - Computer Science Apple Computer Student Campus Rep >OpenAFS does NOT run on Mac OS X (release 10.1) in that it is aimed >at old version Darwin 1.3 > >OS X 10.1 runs on Darwin 1.4 . > >Install Arla instead: the support for Darwin is 100% and their AFS >client/server installation works perfectly with 10.1 . > >http://www.stacken.kth.se/projekt/arla/ > >Cheers From ssklar@stanford.edu Fri Oct 19 23:17:32 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp1.Stanford.EDU (smtp1.Stanford.EDU [171.64.14.23]) by grand.central.org (Postfix) with ESMTP id 5A5C19BDD for ; Fri, 19 Oct 2001 23:17:32 -0400 (EDT) Received: from [171.66.201.10] (Sklar-dsl.Stanford.EDU [171.66.201.10]) by smtp1.Stanford.EDU (8.11.1/8.11.3) with ESMTP id f9K3HUk13602; Fri, 19 Oct 2001 20:17:30 -0700 (PDT) Mime-Version: 1.0 X-Sender: ssklar@ssklar.pobox.stanford.edu (Unverified) Message-Id: In-Reply-To: <0A88829B-C4EB-11D5-910B-003065D63730@mac.com> References: <0A88829B-C4EB-11D5-910B-003065D63730@mac.com> Date: Fri, 19 Oct 2001 19:49:35 -0700 To: Aaron Rosenblum From: "Sandor W. Sklar" Cc: port-darwin@openafs.org Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] re: krbafs for KfM ... Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 7:43 PM -0400 10/19/01, Aaron Rosenblum wrote: >I have been playing with Arla on MacOS 10.1. It builds with >kth-krb, but not with MIT KfM. MIT KfM 4.0 is now the official >kerberos implementation on MacOS X and to get Arla to work with KfM >one needs to build it with a library called krbafs. Unfortunately >(to my knowledge) it appears that 'krbafs' has not been updated in a >matter of years, and thus is not aware of MacOS X in the configure >script. There may be some other issues as well. I asked a similar question several days ago on another list, and received this reply from one of the MIT developers ... >>>I am right now in the middle of working on a version of krbafs >>>which configures and builds correctly on Mac OS X 10.1. >>> >>>There are a few changes which need to be made because KfM defines >>>several functions such as afs_string_to_key() which krbafs also >>>tries to define. I'm adding autoconf checks to work around this. >>>There are also a few problems due to bugs in the unix >>>compatibility libraries in 10.1 and differences in header file >>>locations. >>> >>>As soon as I'm done, I'm going to hand my patches back to the >>>openafs folks. At that point I will set up a web page with build >>>instructions for Mac OS X 10.1, and I will send mail to this list >>>with a pointer. My goal is probably similar to yours, in that I want users to login to MacOS X via their kerberos password, getting an afs token upon successful login, and have their home directories located within afs. Some people have gotten the above working, but not using KfM (and perhaps not with *all* of the beautiful integration the above implies.) We're not there yet, but it's oh so close! -s- -- ------------------------------------------------ sandor w. sklar | Non impediti unix systems administrator | ratione stanford university itss-css | cogitationis ------------------------------------------------- From ahltorp@nada.kth.se Tue Oct 23 16:58:44 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from fridge.nada.kth.se (fridge.nada.kth.se [130.237.222.120]) by grand.central.org (Postfix) with ESMTP id 008559C3A for ; Tue, 23 Oct 2001 16:58:43 -0400 (EDT) Received: (from ahltorp@localhost) by fridge.nada.kth.se (8.8.8+Sun/8.8.7) id WAA18085; Tue, 23 Oct 2001 22:58:16 +0200 (MET DST) X-Authentication-Warning: fridge.nada.kth.se: ahltorp set sender to ahltorp@nada.kth.se using -f To: Thomas Vincent Cc: port-darwin@openafs.org From: Magnus Ahltorp Content-Type: text/plain; charset="iso-8859-1" Content-Language: en Date: 23 Oct 2001 22:58:16 +0200 Message-ID: Lines: 9 User-Agent: Gnus/5.0807 (Gnus v5.8.7) Emacs/20.7 MIME-Version: 1.0 Subject: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #18 - 3 msgs Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: > The Arla stuff resides outside the kernel , atleast it did the last > time I used it. Therefore you don't get the same performance you do > with AFS. When Arla works on 10.1, and AFS doesn't. There is not > much of a choice. Have you seen a difference? In that case, I really want to see the numbers. /Magnus From shetomv@pacbell.net Fri Nov 2 03:47:23 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from snfc21.pbi.net (mta6.snfc21.pbi.net [206.13.28.240]) by grand.central.org (Postfix) with ESMTP id 058459BDB for ; Fri, 2 Nov 2001 03:47:23 -0500 (EST) Received: from [64.168.28.250] by mta6.snfc21.pbi.net (iPlanet Messaging Server 5.1 (built May 7 2001)) with ESMTP id <0GM6001PQ0EGWO@mta6.snfc21.pbi.net> for port-darwin@openafs.org; Fri, 02 Nov 2001 00:47:05 -0800 (PST) Date: Fri, 02 Nov 2001 00:47:05 -0800 From: Thomas Vincent In-reply-to: To: Magnus Ahltorp Cc: port-darwin@openafs.org Message-id: MIME-version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT User-Agent: Microsoft-Entourage/9.0.1.3108 Subject: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #18 - 3 msgs Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: On 10/23/01 1:58 PM, "Magnus Ahltorp" wrote: > Have you seen a difference? In that case, I really want to see the > numbers. I can't find the numbers. The numbers were given to me while I was still with Apple Computer. They came from IT folk at Umich. I consider them a reliable source. Cheers, Thomas Vincent From bbiswas@email.unc.edu Fri Nov 2 10:51:15 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtpsrv0.isis.unc.edu (smtpsrv0.isis.unc.edu [152.2.1.139]) by grand.central.org (Postfix) with ESMTP id D84BA9BDC for ; Fri, 2 Nov 2001 10:51:14 -0500 (EST) Received: from obie.oit.unc.edu (obie.oit.unc.edu [152.2.22.23]) by smtpsrv0.isis.unc.edu (8.9.3/8.9.1) with ESMTP id KAA12079 for ; Fri, 2 Nov 2001 10:51:14 -0500 (EST) Date: Fri, 02 Nov 2001 10:51:18 -0500 From: Brian Biswas To: port-darwin@openafs.org Message-ID: <60176.1004698278@obie.oit.unc.edu> X-Mailer: Mulberry/2.1.0 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: [OpenAFS-port-darwin] openafs Mac OS 10.1 port Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I needed to make a couple of code changes to get openafs to compile for Mac OS 10.1: In directory sys/afs/DARWIN, I changed source files "osi_vm.c" and "osi_vnodeops.c": Changed a structure member named "ui_holdcnt" to "ui_refcount" There is no structure member named "ui_holdcnt". This is in the ubc_info structure which is defined in /usr/include/sys/ubc.h. In source file "osi_vm.c", I changed two function calls of the type: ubc_getobject(vp); to ubc_getobject(vp, UBC_FLAGS_NONE); Compiler complained otherwise. At this point openafs would build. When loading src/libafs/MODLOAD/libafs.nonfs.o (which gets installed as: /usr/vice/etc/afs.kext/Contents/MacOS/afs), the following undefined symbol errors occur: %kextload /usr/vice/etc/afs.kext kmodload: kld(): kmodload: Undefined symbols:kmodload: kmodload: __ubc_getobject kmodload: _ubc_info_free kmodload: kld_load() failed.Error loading module: kmod load error. These symbols are both defined in /mach, ubc_getobject is defined globally, but ubc_info_free is local: %nm mach | grep ubc_getobject 00199408 A _ubc_getobject %nm mach | grep ubc_info_free 00198df0 a _ubc_info_free The function prototype for ubc_getobject is in /usr/include/sys/ubc.h: memory_object_control_t ubc_getobject __P((struct vnode *, int)); There isn't one for ubc_info_free. However there is one for the similiarly sounding ubc_info_deallocate: void ubc_info_deallocate __P((struct ubc_info *)); Should ubc_info_free in src/afs/DARWIN/osi_vm.c be ubc_info_deallocate? If I change it to that, rebuild and try to load the module into the kernel, I still get the error message about ubc_getobject: %kextload /usr/vice/etc/afs.kext kmodload: kld(): kmodload: Undefined symbols:kmodload: kmodload: __ubc_getobject kmodload: kld_load() failed.Error loading module: kmod load error. I don't see why one gets this error message since it is defined in the kernel. Ideas??? From ssen@MIT.EDU Fri Nov 2 11:04:07 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by grand.central.org (Postfix) with ESMTP id 33EA49BDC for ; Fri, 2 Nov 2001 11:04:07 -0500 (EST) Received: from grand-central-station.mit.edu (GRAND-CENTRAL-STATION.MIT.EDU [18.7.21.82]) by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id LAA28918; Fri, 2 Nov 2001 11:04:06 -0500 (EST) Received: from manawatu-mail-centre.mit.edu (MANAWATU-MAIL-CENTRE.MIT.EDU [18.7.21.85]) by grand-central-station.mit.edu (8.9.2/8.9.2) with ESMTP id LAA00663; Fri, 2 Nov 2001 11:00:16 -0500 (EST) Received: from definitely-not-swedish.mit.edu (DEFINITELY-NOT-SWEDISH.MIT.EDU [18.18.1.89]) by manawatu-mail-centre.mit.edu (8.9.2/8.9.2) with ESMTP id KAA10426; Fri, 2 Nov 2001 10:56:32 -0500 (EST) Received: (from ssen@localhost) by definitely-not-swedish.mit.edu (8.9.3) id KAA26870; Fri, 2 Nov 2001 10:56:32 -0500 (EST) Message-Id: <200111021556.KAA26870@definitely-not-swedish.mit.edu> To: Brian Biswas Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] openafs Mac OS 10.1 port In-Reply-To: Your message of "Fri, 02 Nov 2001 10:51:18 EST." <60176.1004698278@obie.oit.unc.edu> Date: Fri, 02 Nov 2001 10:56:31 -0500 From: Shantonu Sen Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: > kmodload: __ubc_getobject > > I don't see why one gets this error message since it is defined in the > kernel. Note the double "_". This would seem to indicate that it's being referred to in the source file as "_ubc_getobject". Indeed on line osi_vm.c:305, it is prepended with a "_" and nowhere else. #ifdef UBC_NOREACTIVATE if (ubc_getobject(&avc->v, (UBC_NOREACTIVATE|UBC_HOLDOBJECT))) panic("VM_Setup: null object"); #else (void)_ubc_getobject(&avc->v, 1); /* return value not used */ #endif Was UBC_NOREACTIVATE #define'd in 10.0? Shantonu From bbiswas@email.unc.edu Fri Nov 2 15:49:17 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtpsrv0.isis.unc.edu (smtpsrv0.isis.unc.edu [152.2.1.139]) by grand.central.org (Postfix) with ESMTP id 85CC09C42 for ; Fri, 2 Nov 2001 15:49:17 -0500 (EST) Received: from obie.oit.unc.edu (obie.oit.unc.edu [152.2.22.23]) by smtpsrv0.isis.unc.edu (8.9.3/8.9.1) with ESMTP id PAA12643; Fri, 2 Nov 2001 15:49:05 -0500 (EST) Date: Fri, 02 Nov 2001 15:49:10 -0500 From: Brian Biswas To: Shantonu Sen Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] openafs Mac OS 10.1 port Message-ID: <416073.1004716150@obie.oit.unc.edu> In-Reply-To: <200111021556.KAA26870@definitely-not-swedish.mit.edu> References: <200111021556.KAA26870@definitely-not-swedish.mit.edu> X-Mailer: Mulberry/2.1.0 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On Friday, November 2, 2001 10:56 AM -0500 Shantonu Sen wrote: >> kmodload: __ubc_getobject >> >> I don't see why one gets this error message since it is defined in the >> kernel. > > Note the double "_". This would seem to indicate that it's being referred > to in the source file as "_ubc_getobject". Indeed on line osi_vm.c:305, > it is prepended with a "_" and nowhere else. > ># ifdef UBC_NOREACTIVATE > if (ubc_getobject(&avc->v, (UBC_NOREACTIVATE|UBC_HOLDOBJECT))) > panic("VM_Setup: null object"); ># else > (void)_ubc_getobject(&avc->v, 1); /* return value not used */ ># endif > > Was UBC_NOREACTIVATE #define'd in 10.0? > > Shantonu Yep, you're right. Looks like a typo in the source code. I removed the underscore, rebuilt, and re-installed libafs.nonfs.o. Then ran the afs rc script. openafs starts right up. I've been running for a couple hours now with no problems. openafs on Mac OS 10.1 This is super! Without documentation from Apple as to any header file changes they may have made, I can't be certain the changes (referencing structure members) I made are correct, but so far so good. For the record, this is what I ended up doing to build and install: I configured as follows: ./configure --enable-transarc-paths I needed to make a couple of code changes to get openafs to compile for Mac OS 10.1: 1.) In directory sys/afs/DARWIN, I changed source files "osi_vm.c" and "osi_vnodeops.c": Changed a structure member named "ui_holdcnt" to "ui_refcount" There is no structure member named "ui_holdcnt". This is in the ubc_info structure which is defined in /usr/include/sys/ubc.h. 2.) In source file "osi_vm.c", I changed two function calls of the type: ubc_getobject(vp); to ubc_getobject(vp, UBC_FLAGS_NONE); 3.) There is a typo on line 305 of the file osi_vm.c: (void)_ubc_getobject(&avc->v, 1); /* return value not used */ should be: (void)ubc_getobject(&avc->v, 1); /* return value not used */ (remove the underscore in front of ubc_getobject.) Then build and install: %make %make install When booting, the rc script /System/Library/StartupItems/OpenAFS/OpenAFS runs which starts the afs daemon (the daemon itself lives in /usr/sbin). I installed the kernel module that gets loaded (src/libafs/MODLOAD/libafs.nonfs.o) as: /var/db/openafs/etc/afs.kext/Contents/MacOS/afs From cg2v+@andrew.cmu.edu Fri Nov 2 16:09:06 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from po10.andrew.cmu.edu (PO10.ANDREW.CMU.EDU [128.2.10.110]) by grand.central.org (Postfix) with ESMTP id F3D8A9C42 for ; Fri, 2 Nov 2001 16:09:05 -0500 (EST) Received: (from postman@localhost) by po10.andrew.cmu.edu (8.9.3/8.9.3) id QAA00864 for port-darwin@openafs.org; Fri, 2 Nov 2001 16:09:04 -0500 (EST) Received: via switchmail; Fri, 2 Nov 2001 16:09:04 -0500 (EST) Received: from sphinx.andrew.cmu.edu via qmail ID ; Fri, 2 Nov 2001 16:07:26 -0500 (EST) Received: from sphinx.andrew.cmu.edu via qmail ID ; Fri, 2 Nov 2001 16:07:25 -0500 (EST) Received: from mms.4.60.Jul.16.2001.15.18.20.i386.Linux.22.EzMail.2.0.CUILIB.3.45.SNAP.NOT.LINKED.sphinx.andrew.cmu.edu.i386.linux22 via MS.5.6.sphinx.andrew.cmu.edu.i386_Linux_22; Fri, 2 Nov 2001 16:07:25 -0500 (EST) Message-ID: Date: Fri, 2 Nov 2001 16:07:25 -0500 (EST) From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] openafs Mac OS 10.1 port Cc: In-Reply-To: <200111021556.KAA26870@definitely-not-swedish.mit.edu> References: <200111021556.KAA26870@definitely-not-swedish.mit.edu> Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Excerpts from internet.computing.openafs.port-darwin: 2-Nov-101 Re: [OpenAFS-port-darwin] o.. by Shantonu Sen@MIT.EDU > Was UBC_NOREACTIVATE #define'd in 10.0? Yes. That was what I used to distinguish DP3 from DP4 and 10.0 I have some patches that result in something that compiles and loads, and has other changes which are supposed to mirror changes I found in 10.1's kernel (but may be broken), but there's some VM stuff that it does wrong (it panics on file writes and maybe reads too), and so I haven't bothered to say anything about it. If anyone wants to use it as a base for porting work, it's in /afs/andrew.cmu.edu/acs/asg/cg2v/openafs-1.2.2-darwin1.4-not.diff From jackson@CMU.EDU Mon Nov 5 15:32:30 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.ANDREW.CMU.EDU [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id B8A979BDC for ; Mon, 5 Nov 2001 15:32:30 -0500 (EST) Received: from SARATOGA.CC.CMU.EDU (SARATOGA.CC.CMU.EDU [128.2.120.70]) by smtp5.andrew.cmu.edu (8.12.0.Beta16/8.12.0.Beta16) with ESMTP id fA5KWTsV003871; Mon, 5 Nov 2001 15:32:29 -0500 Date: Mon, 5 Nov 2001 15:32:29 -0500 Subject: Re: [OpenAFS-port-darwin] openafs Mac OS 10.1 port Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v475) Cc: Shantonu Sen , port-darwin@openafs.org To: Brian Biswas From: Joseph Jackson In-Reply-To: <416073.1004716150@obie.oit.unc.edu> Message-Id: <3BA6414A-D22C-11D5-B9FB-003065F31D64@CMU.EDU> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.475) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Brian, How does your experience mesh with what Chaskiel and I saw? With Chaskiel's changes the moment a write() call hits AFS, the system panics. All other aspects of the system seemed okay under very limited testing. I was able to authenticate, read files and directories, and create files with no problems. So I could do "touch foo" but not "echo test > foo". Did your changes work out better? Joe Jackson, Carnegie Mellon University. From sol0@lehigh.edu Tue Nov 6 11:05:52 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from rain.CC.Lehigh.EDU (rain.CC.Lehigh.EDU [128.180.39.20]) by grand.central.org (Postfix) with ESMTP id BB6B69BDB for ; Tue, 6 Nov 2001 11:05:51 -0500 (EST) Received: from cube0.CC.Lehigh.EDU (cube0.CC.Lehigh.EDU [128.180.3.146]) by rain.CC.Lehigh.EDU (8.12.1/8.12.0) with ESMTP id fA6G5aZZ031007 for ; Tue, 6 Nov 2001 11:05:41 -0500 Date: Tue, 6 Nov 2001 11:05:35 -0500 Mime-Version: 1.0 (Apple Message framework v472) Content-Type: text/plain; charset=US-ASCII; format=flowed From: Steve Lidie To: port-darwin@openafs.org Content-Transfer-Encoding: 7bit Message-Id: <1C8EE7AB-D2D0-11D5-B114-003065C254B6@lehigh.edu> X-Mailer: Apple Mail (2.472) Subject: [OpenAFS-port-darwin] Open AFS for Mac OS 10.1? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I have the 10.0 version, but now need binaries for 10.1. Are they available anywhere? Many thanks, Steve From bbiswas@email.unc.edu Tue Nov 6 11:45:14 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtpsrv0.isis.unc.edu (smtpsrv0.isis.unc.edu [152.2.1.139]) by grand.central.org (Postfix) with ESMTP id 4F6299BDB for ; Tue, 6 Nov 2001 11:45:14 -0500 (EST) Received: from obie.oit.unc.edu (obie.oit.unc.edu [152.2.22.23]) by smtpsrv0.isis.unc.edu (8.9.3/8.9.1) with ESMTP id LAA11859; Tue, 6 Nov 2001 11:45:11 -0500 (EST) Date: Tue, 06 Nov 2001 11:45:19 -0500 From: Brian Biswas To: Joseph Jackson Cc: Shantonu Sen , port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] openafs Mac OS 10.1 port Message-ID: <20274195.1005047119@obie.oit.unc.edu> In-Reply-To: <3BA6414A-D22C-11D5-B9FB-003065F31D64@CMU.EDU> References: <3BA6414A-D22C-11D5-B9FB-003065F31D64@CMU.EDU> X-Mailer: Mulberry/2.1.0 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Joe, I've not had any problems at all (been running 5 days now). I can authenticate, read, create, and write files. I just made those three changes I mentioned; also, I did not define UBC_NOREACTIVATE. --Brian Biswas University of North Carolina-Chapel Hill --On Monday, November 5, 2001 3:32 PM -0500 Joseph Jackson wrote: > Brian, > > How does your experience mesh with what Chaskiel and I saw? With > Chaskiel's changes the moment a write() call hits AFS, the system panics. > All other aspects of the system seemed okay under very limited testing. I > was able to authenticate, read files and directories, and create files > with no problems. So I could do "touch foo" but not "echo test > foo". > Did your changes work out better? > > Joe Jackson, > Carnegie Mellon University. > From arosenbl@mac.com Wed Nov 7 00:37:17 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtpout.mac.com (smtpout.mac.com [204.179.120.88]) by grand.central.org (Postfix) with ESMTP id 7FCDD9C09 for ; Wed, 7 Nov 2001 00:37:17 -0500 (EST) Received: from smtp-relay01.mac.com (server-source-si02 [10.13.10.6]) by smtpout.mac.com (8.12.1/8.10.2/1.0) with ESMTP id fA75ajvg013297 for ; Tue, 6 Nov 2001 21:36:45 -0800 (PST) Received: from asmtp01.mac.com ([10.13.10.65]) by smtp-relay01.mac.com (Netscape Messaging Server 4.15 relay01 Jun 21 2001 23:53:48) with ESMTP id GMF0Y400.7DY for ; Tue, 6 Nov 2001 21:37:16 -0800 Received: from localhost ([66.41.125.11]) by asmtp01.mac.com (Netscape Messaging Server 4.15 asmtp01 Jun 21 2001 23:53:48) with ESMTP id GMF0Y200.PAG for ; Tue, 6 Nov 2001 21:37:14 -0800 Date: Wed, 7 Nov 2001 00:37:08 -0500 Subject: Re: [OpenAFS-port-darwin] openafs Mac OS 10.1 port Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v472) From: Aaron Rosenblum To: port-darwin@openafs.org Content-Transfer-Encoding: 7bit In-Reply-To: <20274195.1005047119@obie.oit.unc.edu> Message-Id: <7BF392E8-D341-11D5-8AF2-00039350D34C@mac.com> X-Mailer: Apple Mail (2.472) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Can OpenAFS be compiled with support for the MIT KfM and does it still require that hack to work correctly with the finder in 10.1? Aaron On Tuesday, November 6, 2001, at 11:45 AM, Brian Biswas wrote: > Joe, > > I've not had any problems at all (been running 5 days now). I can > authenticate, read, create, and write files. I just made those three > changes > I mentioned; also, I did not define UBC_NOREACTIVATE. > > --Brian Biswas > University of North Carolina-Chapel Hill > > > > --On Monday, November 5, 2001 3:32 PM -0500 Joseph Jackson > wrote: > >> Brian, >> >> How does your experience mesh with what Chaskiel and I saw? With >> Chaskiel's changes the moment a write() call hits AFS, the system >> panics. >> All other aspects of the system seemed okay under very limited >> testing. I >> was able to authenticate, read files and directories, and create files >> with no problems. So I could do "touch foo" but not "echo test > foo". >> Did your changes work out better? >> >> Joe Jackson, >> Carnegie Mellon University. >> > > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin From David.P.Saracino.4@nd.edu Tue Nov 6 17:24:22 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from dagger.nd.edu (dagger.nd.edu [129.74.250.101]) by grand.central.org (Postfix) with ESMTP id 775279C09 for ; Tue, 6 Nov 2001 17:24:22 -0500 (EST) Received: from [129.74.152.201] (saracino-4a.student.nd.edu [129.74.152.201]) by dagger.nd.edu (8.10.2/8.10.2) with ESMTP id fA6MOLC12129 for ; Tue, 6 Nov 2001 17:24:21 -0500 (EST) User-Agent: Microsoft-Outlook-Express-Macintosh-Edition/5.02.2022 Date: Tue, 06 Nov 2001 17:24:21 -0500 From: David Saracino To: Message-ID: Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Subject: [OpenAFS-port-darwin] edit list of cells in /afs/ Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I'm quite inexperienced with afs, so forgive me if this question seems more than a little trivial... how do you edit the list of cells that show up in the /afs/ directory? both the finder and terminal take their sweet time while searching for all of them, and it's quite annoying. Thanks, David Saracino From cg2v@andrew.cmu.edu Fri Nov 9 23:53:06 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp7.andrew.cmu.edu (SMTP7.ANDREW.CMU.EDU [128.2.10.87]) by grand.central.org (Postfix) with ESMTP id D574B9BDC for ; Fri, 9 Nov 2001 23:53:05 -0500 (EST) Received: from SPHINX.ANDREW.CMU.EDU (SPHINX.ANDREW.CMU.EDU [128.2.121.9]) (user=cg2v mech=KERBEROS_V4 (0 bits)) by smtp7.andrew.cmu.edu (8.12.0.Beta16/8.12.0.Beta16) with ESMTP id fAA4r5Ui025289 for ; Fri, 9 Nov 2001 23:53:05 -0500 Date: Fri, 9 Nov 2001 23:53:04 -0500 (EST) From: Chaskiel M Grundman To: Message-ID: MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="41945465-504382577-1005367984=:8225" Subject: [OpenAFS-port-darwin] Darwin 1.4/Mac OS 10.1 patch Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --41945465-504382577-1005367984=:8225 Content-Type: TEXT/PLAIN; charset=US-ASCII Attached is my "official" patch for 1.4/10.1 against the OpenAFS 1.2.2 release. I recommend that anyone using afs with 10.1 use this patch and not one from any other source. In particular, no one else is likely to have properly modified osi_VM_TryReclaim to work properly under the Darwin 1.4 kernel. Comments, questions, and problem reports should be sent to the list. --41945465-504382577-1005367984=:8225 Content-Type: TEXT/PLAIN; charset=US-ASCII; name="openafs-1.4-darwin14.diff" Content-Transfer-Encoding: BASE64 Content-ID: Content-Description: Content-Disposition: attachment; filename="openafs-1.4-darwin14.diff" SW5kZXg6IHNyYy9hZnMvYWZzX29zaS5jDQo9PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09DQpSQ1MgZmlsZTogL2N2cy9vcGVuYWZzL3NyYy9hZnMvYWZzX29zaS5j LHYNCnJldHJpZXZpbmcgcmV2aXNpb24gMS44DQpkaWZmIC11IC1kIC1iIC13 IC1yMS44IGFmc19vc2kuYw0KLS0tIHNyYy9hZnMvYWZzX29zaS5jCTIwMDEv MDgvMDggMDA6MDM6MjgJMS44DQorKysgc3JjL2Fmcy9hZnNfb3NpLmMJMjAw MS8xMS8xMCAwNDowODo0Mg0KQEAgLTMwMCw2ICszMDAsNyBAQA0KICAgICBz ZXRfc3lzdGVtX3Byb2ModS51X3Byb2NwKTsNCiAjZWxzZQ0KICNpZiBkZWZp bmVkKEFGU19EQVJXSU5fRU5WKSB8fCBkZWZpbmVkKEFGU19GQlNEX0VOVikN CisgICAgLyogbWF5YmUgY2FsbCBpbml0X3Byb2Nlc3MgaW5zdGVhZD8gKi8N CiAgICAgY3VycmVudF9wcm9jKCktPnBfZmxhZyB8PSBQX1NZU1RFTTsNCiAj ZWxzZQ0KICNpZiAhZGVmaW5lZChBRlNfU0dJNjRfRU5WKSAmJiAhZGVmaW5l ZChBRlNfTElOVVgyMF9FTlYpDQpJbmRleDogc3JjL2Fmcy9EQVJXSU4vb3Np X21vZHVsZS5jDQo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQpSQ1MgZmlsZTog L2N2cy9vcGVuYWZzL3NyYy9hZnMvREFSV0lOL29zaV9tb2R1bGUuYyx2DQpy ZXRyaWV2aW5nIHJldmlzaW9uIDEuNg0KZGlmZiAtdSAtZCAtYiAtdyAtcjEu NiBvc2lfbW9kdWxlLmMNCi0tLSBzcmMvYWZzL0RBUldJTi9vc2lfbW9kdWxl LmMJMjAwMS8wOS8wNyAwNDowMDowNQkxLjYNCisrKyBzcmMvYWZzL0RBUldJ Ti9vc2lfbW9kdWxlLmMJMjAwMS8xMS8xMCAwNDowODo0Ng0KQEAgLTU4LDQg KzU4LDQgQEANCiAgICByZXR1cm4gS0VSTl9TVUNDRVNTOw0KICB9IA0KIA0K LUtNT0RfRVhQTElDSVRfREVDTChvcGVuYWZzLCBWRVJTSU9OLCBhZnNfbW9k bG9hZCwgYWZzX21vZHVubG9hZCkNCitLTU9EX0VYUExJQ0lUX0RFQ0wob3Jn Lm9wZW5hZnMuZmlsZXN5c3RlbXMub3BlbmFmcywgVkVSU0lPTiwgYWZzX21v ZGxvYWQsIGFmc19tb2R1bmxvYWQpDQpJbmRleDogc3JjL2Fmcy9EQVJXSU4v b3NpX3NsZWVwLmMNCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NClJDUyBmaWxl OiAvY3ZzL29wZW5hZnMvc3JjL2Fmcy9EQVJXSU4vb3NpX3NsZWVwLmMsdg0K cmV0cmlldmluZyByZXZpc2lvbiAxLjMNCmRpZmYgLXUgLWQgLWIgLXcgLXIx LjMgb3NpX3NsZWVwLmMNCi0tLSBzcmMvYWZzL0RBUldJTi9vc2lfc2xlZXAu YwkyMDAxLzA3LzEyIDE5OjU4OjE5CTEuMw0KKysrIHNyYy9hZnMvREFSV0lO L29zaV9zbGVlcC5jCTIwMDEvMTEvMTAgMDQ6MDg6NDYNCkBAIC0xMzEsOSAr MTMxLDE0IEBADQogICAgIHNlcSA9IGV2cC0+c2VxOw0KICAgICB3aGlsZSAo c2VxID09IGV2cC0+c2VxKSB7DQogCUFGU19BU1NFUlRfR0xPQ0soKTsNCi0J YXNzZXJ0X3dhaXQoKGV2ZW50X3QpZXZlbnQsIDApOw0KIAlBRlNfR1VOTE9D SygpOw0KKyNpZmRlZiBBRlNfREFSV0lOMTRfRU5WDQorICAgICAgICAvKiB0 aGlzIGlzIHByb2JhYmx5IHNhZmUgZm9yIGFsbCB2ZXJzaW9ucywgYnV0IHRl c3RpbmcgaXMgaGFyZCAqLw0KKyAgICAgICAgc2xlZXAoZXZlbnQsIFBWRlMp Ow0KKyNlbHNlDQorCWFzc2VydF93YWl0KChldmVudF90KWV2ZW50LCAwKTsN CiAJdGhyZWFkX2Jsb2NrKDApOw0KKyNlbmRpZg0KIAlBRlNfR0xPQ0soKTsN CiAgICAgfQ0KICAgICByZWxldmVudChldnApOw0KQEAgLTE1MywyNCArMTU4 LDM3IEBADQogICAgIGludCBjb2RlID0gMDsNCiAgICAgc3RydWN0IGFmc19l dmVudCAqZXZwOw0KICAgICBpbnQgdGlja3Msc2VxOw0KKyAgICBpbnQgcHJp bzsNCiANCiAgICAgdGlja3MgPSAoIGFtcyAqIGFmc19oeiApLzEwMDA7DQog DQogDQogICAgIGV2cCA9IGFmc19nZXRldmVudChldmVudCk7DQogICAgIHNl cT1ldnAtPnNlcTsNCi0gICAgYXNzZXJ0X3dhaXQoKGV2ZW50X3QpZXZlbnQs IGFpbnRvayA/IFRIUkVBRF9BQk9SVFNBRkUgOiAwKTsNCiAgICAgQUZTX0dV TkxPQ0soKTsNCisjaWZkZWYgQUZTX0RBUldJTjE0X0VOVg0KKyAgICAvKiB0 aGlzIGlzIHByb2JhYmx5IHNhZmUgZm9yIGFsbCB2ZXJzaW9ucywgYnV0IHRl c3RpbmcgaXMgaGFyZC4gKi8NCisgICAgLyogdXNpbmcgdHNsZWVwIGluc3Rl YWQgb2YgYXNzZXJ0X3dhaXQvdGhyZWFkX3NldF90aW1lci90aHJlYWRfYmxv Y2sNCisgICAgICAgYWxsb3dzIHNodXRkb3duIHRvIHdvcmsgaW4gMS40ICov DQorICAgIC8qIGxhY2sgb2YgUENBVENIIGRvZXMgKm5vdCogcHJldmVudCBz aWduYWwgZGVsaXZlcnksIG5laXRoZXIgZG9lcyANCisgICAgICAgYSBsb3cg cHJpb3JpdHkuIFdlIHdvdWxkIG5lZWQgdG8gZGVhbCB3aXRoIEVSRVNUQVJU IGhlcmUgaWYgd2UgDQorICAgICAgIHdhbnRlZCB0byBtZXNzIHdpdGggcC0+ cF9zaWdtYXNrLCBhbmQgbWVzc2luZyB3aXRoIHBfc2lnaWdub3JlIGlzDQor ICAgICAgIG5vdCB0aGUgd2F5IHRvIGdvLi4uLiAoc29tZW9uZSBjb3JyZWN0 IG1lIGlmIEknbSB3cm9uZykNCisgICAgKi8NCisgICAgaWYgKGFpbnRvaykN CisgICAgICAgcHJpbz1QQ0FUQ0h8UFBBVVNFOw0KKyAgICBlbHNlDQorICAg ICAgIHByaW89UFZGUzsNCisgICAgY29kZT10c2xlZXAoZXZlbnQsIHByaW8s ICJhZnNfb3NpX1RpbWVkU2xlZXAiLCB0aWNrcyk7DQorI2Vsc2UgDQorICAg IGFzc2VydF93YWl0KChldmVudF90KWV2ZW50LCBhaW50b2sgPyBUSFJFQURf QUJPUlRTQUZFIDogVEhSRUFEX1VOSU5UKTsNCiAgICAgdGhyZWFkX3NldF90 aW1lcih0aWNrcywgTlNFQ19QRVJfU0VDIC8gaHopOw0KICAgICB0aHJlYWRf YmxvY2soMCk7DQorICAgIGNvZGU9MDsNCisjZW5kaWYNCiAgICAgQUZTX0dM T0NLKCk7DQotI2lmIDAgLyogdGhyZWFkX3Qgc3RydWN0dXJlIG9ubHkgYXZh aWxhYmxlIGlmIE1BQ0hfS0VSTkVMX1BSSVZBVEUgKi8NCi0gICAgaWYgKGN1 cnJlbnRfdGhyZWFkKCktPndhaXRfcmVzdWx0ICE9IFRIUkVBRF9BV0FLRU5F RCkNCi0JY29kZSA9IEVJTlRSOw0KLSNlbHNlDQogICAgIGlmIChzZXEgPT0g ZXZwLT5zZXEpDQogCWNvZGUgPSBFSU5UUjsNCi0jZW5kaWYNCiAgICAgDQog ICAgIHJlbGV2ZW50KGV2cCk7DQogICAgIHJldHVybiBjb2RlOw0KQEAgLTE4 NCw3ICsyMDIsMTIgQEANCiAgICAgZXZwID0gYWZzX2dldGV2ZW50KGV2ZW50 KTsNCiAgICAgaWYgKGV2cC0+cmVmY291bnQgPiAxKSB7DQogCWV2cC0+c2Vx Kys7ICAgIA0KKyNpZmRlZiBBRlNfREFSV0lOMTRfRU5WDQorICAgIC8qIHRo aXMgaXMgcHJvYmFibHkgc2FmZSBmb3IgYWxsIHZlcnNpb25zLCBidXQgdGVz dGluZyBpcyBoYXJkLiAqLw0KKyAgICAgICAgd2FrZXVwKGV2ZW50KTsNCisj ZWxzZQ0KIAl0aHJlYWRfd2FrZXVwKChldmVudF90KWV2ZW50KTsNCisjZW5k aWYNCiAgICAgfQ0KICAgICByZWxldmVudChldnApOw0KIH0NCkluZGV4OiBz cmMvYWZzL0RBUldJTi9vc2lfdm0uYw0KPT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PQ0KUkNTIGZpbGU6IC9jdnMvb3BlbmFmcy9zcmMvYWZzL0RBUldJTi9vc2lf dm0uYyx2DQpyZXRyaWV2aW5nIHJldmlzaW9uIDEuMw0KZGlmZiAtdSAtZCAt YiAtdyAtcjEuMyBvc2lfdm0uYw0KLS0tIHNyYy9hZnMvREFSV0lOL29zaV92 bS5jCTIwMDEvMDcvMTIgMTk6NTg6MTkJMS4zDQorKysgc3JjL2Fmcy9EQVJX SU4vb3NpX3ZtLmMJMjAwMS8xMS8xMCAwNDowODo0Ng0KQEAgLTM5LDYgKzM5 LDEwIEBADQogICAgIGludCAqc2xlcHQ7DQogew0KICAgICBzdHJ1Y3Qgdm5v ZGUgKnZwPShzdHJ1Y3Qgdm5vZGUgKilhdmM7DQorI2lmZGVmIEFGU19EQVJX SU4xNF9FTlYNCisgICAgaWYgKFVCQ0lORk9FWElTVFModnApKQ0KKwlyZXR1 cm4gRUJVU1k7DQorI2VuZGlmDQogICAgIGlmIChhdmMtPnZyZWZDb3VudCkN CiAJcmV0dXJuIEVCVVNZOw0KIA0KQEAgLTUxLDYgKzU1LDcgQEANCiANCiAg ICAgQUZTX0dVTkxPQ0soKTsNCiAgICAgY2FjaGVfcHVyZ2UodnApOw0KKyNp Zm5kZWYgQUZTX0RBUldJTjE0X0VOVg0KICAgICBpZiAoVUJDSU5GT0VYSVNU Uyh2cCkpDQogCXsNCiAgICAgICAgICAgICAgICAgdWJjX2NsZWFuKHZwLCAx KTsNCkBAIC01OCw2ICs2Myw3IEBADQogICAgICAgICAgICAgICAgIHViY19y ZWxlYXNlKHZwKTsNCiAJICAgICAgICB1YmNfaW5mb19mcmVlKHZwKTsNCiAJ fQ0KKyNlbmRpZg0KIA0KICAgICBBRlNfR0xPQ0soKTsNCiANCkBAIC0xODYs MTEgKzE5MiwxOSBAQA0KICAgICAgICAgQUZTX1JFTEUodnApOw0KICAgICAg ICAgcmV0dXJuOw0KICAgICB9DQorI2lmZGVmIEFGU19EQVJXSU4xNF9FTlYN CisgICAgaWYgKHZwLT52X3ViY2luZm8tPnVpX3JlZmNvdW50ID4gMSkgew0K KyAgICAgICAgc2ltcGxlX3VubG9jaygmdnAtPnZfaW50ZXJsb2NrKTsNCisg ICAgICAgIEFGU19SRUxFKHZwKTsNCisgICAgICAgIHJldHVybjsNCisgICAg fQ0KKyNlbHNlDQogICAgIGlmICh2cC0+dl91YmNpbmZvLT51aV9ob2xkY250 KSB7DQogICAgICAgICBzaW1wbGVfdW5sb2NrKCZ2cC0+dl9pbnRlcmxvY2sp Ow0KICAgICAgICAgQUZTX1JFTEUodnApOw0KICAgICAgICAgcmV0dXJuOw0K ICAgICB9DQorI2VuZGlmDQogICAgIGlmIChzbGVwdCAmJiB1YmNfaXNzZXRm bGFncyh2cCwgVUlfV0FTTUFQUEVEKSkgew0KICAgICAgICAvKiBXZSBjYW4n dCBwb3NzaWJseSByZWxlYXNlIHRoaXMgaW4gdGltZSBmb3IgdGhpcyBOZXdW Q2FjaGUgdG8gZ2V0IGl0ICovDQogICAgICAgICBzaW1wbGVfdW5sb2NrKCZ2 cC0+dl9pbnRlcmxvY2spOw0KQEAgLTIwOSwyMSArMjIzLDMwIEBADQogICAg IG9iaj0wOw0KICAgICBpZiAodWJjX2lzc2V0ZmxhZ3ModnAsIFVJX1dBU01B UFBFRCkpIHsNCiAgICAgICAgIHNpbXBsZV91bmxvY2soJnZwLT52X2ludGVy bG9jayk7DQorI2lmZGVmICBBRlNfREFSV0lOMTRfRU5WDQorICAgICAgICB1 YmNfcmVsZWFzZV9uYW1lZCh2cCk7DQorI2Vsc2UNCiAgICAgICAgIHViY19y ZWxlYXNlKHZwKTsNCisjZW5kaWYNCiAgICAgICAgIGlmICh1YmNfaXNzZXRm bGFncyh2cCwgVUlfSEFTT0JKUkVGKSkNCiAgICAgICAgICAgICBwcmludGYo InViY19yZWxlYXNlIGRpZG4ndCByZWxlYXNlIHRoZSByZWZlcmVuY2U/IVxu Iik7DQogICAgIH0gZWxzZSBpZiAoIXZuX2xvY2sodnAsIExLX0VYQ0xVU0lW RXxMS19JTlRFUkxPQ0ssY3VycmVudF9wcm9jKCkpKSB7DQotI2lmZGVmIFVC Q19OT1JFQUNUSVZBVEUNCisjaWZkZWYgQUZTX0RBUldJTjE0X0VOVg0KKyAg ICAgICAgb2JqID0gdWJjX2dldG9iamVjdCh2cCxVQkNfSE9MRE9CSkVDVCk7 DQorI2Vsc2UNCisjaWZkZWYgQUZTX0RBUldJTjEzX0VOVg0KICAgICAgICAg b2JqID0gdWJjX2dldG9iamVjdCh2cCwoVUJDX05PUkVBQ1RJVkFURXxVQkNf SE9MRE9CSkVDVCkpOw0KICNlbHNlDQogICAgICAgICBvYmogPSB1YmNfZ2V0 b2JqZWN0KHZwKTsNCiAjZW5kaWYNCisjZW5kaWYNCiAgICAgICAgICh2b2lk KXViY19jbGVhbih2cCwgMSk7DQogICAgICAgICB2aW52YWxidWYodnAsIFZf U0FWRSwgJmFmc19vc2lfY3JlZCwgcCwgMCwgMCk7DQogICAgICAgICBpZiAo dnAtPnZfdXNlY291bnQgPT0gMSkNCiAgICAgICAgICAgIFZPUF9JTkFDVElW RSh2cCwgcCk7DQogICAgICAgICBlbHNlDQogICAgICAgICAgICBWT1BfVU5M T0NLKHZwLCAwLCBwKTsNCisgICAgICAgIGlmIChvYmopIHsNCiAgICAgICAg IGlmIChJU1NFVCh2cC0+dl9mbGFnLCBWVEVSTUlOQVRFKSkNCiAgICAgICAg ICAgICBwYW5pYygiYWZzX3ZucmVjbGFpbTogYWxyZWFkeSB0ZW1pbmF0aW5n Iik7DQogICAgICAgICBTRVQodnAtPnZfZmxhZywgVlRFUk1JTkFURSk7DQpA QCAtMjMyLDEzICsyNTUsMTQgQEANCiAgICAgICAgICAgICAgIFNFVCh2cC0+ dl9mbGFnLCBWVEVSTVdBTlQpOw0KICAgICAgICAgICAgICAgdHNsZWVwKChj YWRkcl90KSZ2cC0+dl91YmNpbmZvLCBQSU5PRCwgImFmc192bnJlY2xhaW0i LCAwKTsNCiAgICAgICAgIH0NCisgICAgICAgIH0NCiAgICB9IGVsc2Ugew0K ICAgICAgICAgaWYgKHNpbXBsZV9sb2NrX3RyeSgmdnAtPnZfaW50ZXJsb2Nr KSkNCiAgICAgICAgICAgICBwYW5pYygiYWZzX3ZucmVjbGFpbTogc2xlcHQs IGJ1dCBkaWQgbm8gd29yayA6KCIpOw0KICAgICAgICAgaWYgKFVCQ0lORk9F WElTVFModnApICYmIHZwLT52X2NvdW50ID09IDEpIHsNCiAgICAgICAgICAg IHZwLT52X3VzZWNvdW50Kys7DQogICAgICAgICAgICBzaW1wbGVfdW5sb2Nr KCZ2cC0+dl9pbnRlcmxvY2spOw0KLSAgICAgICAgICAgQUZTX1JFTEUodnAp Ow0KKyAgICAgICAgICAgVk5fUkVMRSh2cCk7DQogICAgICAgICB9IGVsc2Ug DQogICAgICAgICAgICBzaW1wbGVfdW5sb2NrKCZ2cC0+dl9pbnRlcmxvY2sp Ow0KICAgIH0NCkBAIC0yNTQsOCArMjc4LDE5IEBADQogICAgIHZvaWQgKm9i amVjdDsNCiAgICAgc3RydWN0IHZjYWNoZSAqYXZjID0gKHN0cnVjdCB2Y2Fj aGUgKil2cDsNCiANCisjaWZkZWYgQUZTX0RBUldJTjE0X0VOVg0KKyAgICBv ZmZzZXQ9dHJ1bmNfcGFnZShvZmZzZXQpOw0KKyAgICBzaXplPXJvdW5kX3Bh Z2Uoc2l6ZSsxKTsNCisgICAgd2hpbGUgKHNpemUpIHsNCisgICAgICAgIHVi Y19wYWdlX29wKHZwLCAodm1fb2Zmc2V0X3Qpb2Zmc2V0LCANCisgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICBVUExfUE9QX1NFVCB8IFVQTF9QT1Bf QlVTWSB8IFVQTF9QT1BfRFVNUCwNCisgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAwLCAwKTsNCisgICAgICAgIHNpemUtPVBBR0VfU0laRTsNCisg ICAgICAgIG9mZnNldCs9UEFHRV9TSVpFOw0KKyAgICB9DQorI2Vsc2UNCiAg ICAgb2JqZWN0PU5VTEw7DQotI2lmZGVmIFVCQ19OT1JFQUNUSVZBVEUNCisj aWZkZWYgQUZTX0RBUldJTjEzX0VOVg0KICAgICBpZiAoVUJDSU5GT0VYSVNU Uyh2cCkpDQogICAgICAgICBvYmplY3QgPSB1YmNfZ2V0b2JqZWN0KHZwLCBV QkNfTk9SRUFDVElWQVRFKTsNCiAjZWxzZQ0KQEAgLTI2OCw3ICszMDMsNyBA QA0KICAgICBvZmZzZXQ9dHJ1bmNfcGFnZShvZmZzZXQpOw0KICAgICBzaXpl PXJvdW5kX3BhZ2Uoc2l6ZSsxKTsNCiANCi0jaWZkZWYgVUJDX05PUkVBQ1RJ VkFURQ0KKyNpZmRlZiBBRlNfREFSV0lOMTNfRU5WDQogICAgIHdoaWxlIChz aXplKSB7DQogICAgICAgICBtZW1vcnlfb2JqZWN0X3BhZ2Vfb3Aob2JqZWN0 LCAodm1fb2Zmc2V0X3Qpb2Zmc2V0LCANCiAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICBVUExfUE9QX1NFVCB8IFVQTF9QT1BfQlVTWSB8IFVQTF9Q T1BfRFVNUCwNCkBAIC0yNzcsMTAgKzMxMiwxMiBAQA0KICAgICAgICAgb2Zm c2V0Kz1QQUdFX1NJWkU7DQogICAgIH0NCiAjZWxzZSANCisgICAgLyogVGhp cyBpcyBhbGwgd2UgY2FuIGRvLCBhbmQgaXQncyBub3QgZW5vdWdoLiBzdWNr cyB0byBiZSB1cyAqLw0KICAgICB1YmNfc2V0c2l6ZSh2cCwgb2Zmc2V0KTsN CiAgICAgc2l6ZT0ob2Zmc2V0ICsgc2l6ZSA+IGF2Yy0+bS5MZW5ndGgpID8g b2Zmc2V0ICsgc2l6ZSA6IGF2Yy0+bS5MZW5ndGg7DQogICAgIHViY19zZXRz aXplKHZwLCBzaXplKTsNCiAjZW5kaWYNCisjZW5kaWYNCiANCiB9DQogaW50 IG9zaV9WTV9TZXR1cChzdHJ1Y3QgdmNhY2hlICphdmMpIHsNCkBAIC0yOTYs MTUgKzMzMywxNyBAQA0KICAgICAgICAgICAgICBBRlNfUkVMRShhdmMpOw0K ICAgICAgICAgICAgICByZXR1cm4gZXJyb3I7DQogICAgICAgICAgfQ0KKyNp Zm5kZWYgQUZTX0RBUldJTjE0X0VOVg0KICAgICAgICAgIHNpbXBsZV9sb2Nr KCZhdmMtPnYudl9pbnRlcmxvY2spOw0KICAgICAgICAgIGlmICghdWJjX2lz c2V0ZmxhZ3MoJmF2Yy0+diwgVUlfSEFTT0JKUkVGKSkNCi0jaWZkZWYgVUJD X05PUkVBQ1RJVkFURQ0KKyNpZmRlZiBBRlNfREFSV0lOMTNfRU5WDQogICAg ICAgICAgICAgaWYgKHViY19nZXRvYmplY3QoJmF2Yy0+diwgKFVCQ19OT1JF QUNUSVZBVEV8VUJDX0hPTERPQkpFQ1QpKSkNCiAgICAgICAgICAgICAgICAg ICAgcGFuaWMoIlZNX1NldHVwOiBudWxsIG9iamVjdCIpOw0KICNlbHNlDQog ICAgICAgICAgICAgKHZvaWQpX3ViY19nZXRvYmplY3QoJmF2Yy0+diwgMSk7 IC8qIHJldHVybiB2YWx1ZSBub3QgdXNlZCAqLw0KICNlbmRpZg0KICAgICAg ICAgIHNpbXBsZV91bmxvY2soJmF2Yy0+di52X2ludGVybG9jayk7DQorI2Vu ZGlmDQogICAgICAgICAgQUZTX0dMT0NLKCk7DQogICAgICAgICAgQUZTX1JF TEUoYXZjKTsNCiAgICAgICB9DQpJbmRleDogc3JjL2Fmcy9EQVJXSU4vb3Np X3Zub2Rlb3BzLmMNCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NClJDUyBmaWxl OiAvY3ZzL29wZW5hZnMvc3JjL2Fmcy9EQVJXSU4vb3NpX3Zub2Rlb3BzLmMs dg0KcmV0cmlldmluZyByZXZpc2lvbiAxLjQNCmRpZmYgLXUgLWQgLWIgLXcg LXIxLjQgb3NpX3Zub2Rlb3BzLmMNCi0tLSBzcmMvYWZzL0RBUldJTi9vc2lf dm5vZGVvcHMuYwkyMDAxLzA4LzA4IDAwOjAzOjI5CTEuNA0KKysrIHNyYy9h ZnMvREFSV0lOL29zaV92bm9kZW9wcy5jCTIwMDEvMTEvMTAgMDQ6MDg6NDYN CkBAIC03NTUsMTIgKzc1NSwxMCBAQA0KICAgICBlcnJvciA9ICBhZnNfcmVt b3ZlKChzdHJ1Y3QgdmNhY2hlICopZHZwLCBuYW1lLCBjbnAtPmNuX2NyZWQp Ow0KICAgICBBRlNfR1VOTE9DSygpOw0KICAgICBjYWNoZV9wdXJnZSh2cCk7 DQotICAgIGlmIChkdnAgPT0gdnApDQotCXZyZWxlKHZwKTsNCi0gICAgZWxz ZQ0KLQl2cHV0KHZwKTsNCi0gICAgdnB1dChkdnApOw0KLSAgICBpZiAoVUJD SU5GT0VYSVNUUyh2cCkpIHsNCisgICAgaWYgKCFlcnJvciAmJiBVQkNJTkZP RVhJU1RTKHZwKSkgew0KKyNpZmRlZiBBRlNfREFSV0lOMTRfRU5WDQorICAg ICAgICAgICAgICh2b2lkKSB1YmNfdW5jYWNoZSh2cCk7IA0KKyNlbHNlDQog ICAgICAgICAgICAgIGludCB3YXNtYXBwZWQ9dWJjX2lzc2V0ZmxhZ3ModnAs IFVJX1dBU01BUFBFRCk7DQogICAgICAgICAgICAgIGludCBoYXNvYmpyZWY9 dWJjX2lzc2V0ZmxhZ3ModnAsIFVJX0hBU09CSlJFRik7DQogICAgICAgICAg ICAgIGlmICh3YXNtYXBwZWQpDQpAQCAtNzY4LDcgKzc2NiwxMyBAQA0KICAg ICAgICAgICAgICBpZiAoaGFzb2JqcmVmKQ0KICAgICAgICAgICAgICAgICB1 YmNfcmVsZWFzZSh2cCk7DQogICAgICAgICAgICAgIC8qIFdBUk5JTkcgdnAg bWF5IG5vdCBiZSB2YWxpZCBhZnRlciB0aGlzICovDQorI2VuZGlmDQogICAg IH0NCisgICAgaWYgKGR2cCA9PSB2cCkNCisJdnJlbGUodnApOw0KKyAgICBl bHNlDQorCXZwdXQodnApOw0KKyAgICB2cHV0KGR2cCk7DQogDQogICAgIEZS RUVfWk9ORShjbnAtPmNuX3BuYnVmLCBjbnAtPmNuX3BubGVuLCBNX05BTUVJ KTsNCiAgICAgRFJPUE5BTUUoKTsNCkBAIC0xMjE4LDggKzEyMjIsMTMgQEAN CiAgICAgaWYgKFVCQ0lTVkFMSUQodnApKQ0KICAgICAgICAgcHJpbnRmKCJc biAgVUJDOiAlcyVzIiwNCiAgICAgICAgICAgICAgICBVQkNJTkZPRVhJU1RT KHZwKSA/ICJleGlzdHMsICIgOiAiZG9lcyBub3QgZXhpc3QiLA0KKyNpZmRl ZiBBRlNfREFSV0lOMTRfRU5WDQogICAgICAgICAgICAgICAgVUJDSU5GT0VY SVNUUyh2cCkgPw0KKyAgICAgICAgICAgICAgICAgc3ByaW50ZihidWYsICJy ZWZzICVkIiwgdnAtPnZfdWJjaW5mby0+dWlfcmVmY291bnQpLGJ1ZiA6ICIi KTsNCisjZWxzZQ0KKyAgICAgICAgICAgICAgIFVCQ0lORk9FWElTVFModnAp ID8NCiAgICAgICAgICAgICAgICAgIHNwcmludGYoYnVmLCAiaG9sZGNudCAl ZCIsIHZwLT52X3ViY2luZm8tPnVpX2hvbGRjbnQpLGJ1ZiA6ICIiKTsNCisj ZW5kaWYNCiAgICAgcHJpbnRmKCJcbiIpOw0KICAgICByZXR1cm4gMDsNCiB9 DQpJbmRleDogc3JjL2NvbmZpZy9NYWtlZmlsZS5wcGNfZGFyd2luXzEzLmlu DQo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09DQpSQ1MgZmlsZTogL2N2cy9vcGVu YWZzL3NyYy9jb25maWcvQXR0aWMvTWFrZWZpbGUucHBjX2Rhcndpbl8xMy5p bix2DQpyZXRyaWV2aW5nIHJldmlzaW9uIDEuNC4yLjENCmRpZmYgLXUgLWQg LWIgLXcgLXIxLjQuMi4xIE1ha2VmaWxlLnBwY19kYXJ3aW5fMTMuaW4NCi0t LSBzcmMvY29uZmlnL01ha2VmaWxlLnBwY19kYXJ3aW5fMTMuaW4JMjAwMS8w OS8yMCAyMDoxMjozMwkxLjQuMi4xDQorKysgc3JjL2NvbmZpZy9NYWtlZmls ZS5wcGNfZGFyd2luXzEzLmluCTIwMDEvMTEvMTAgMDQ6MDk6MDQNCkBAIC01 LDcgKzUsNyBAQA0KICMNCiAjDQogIyBjb21waWxhdGlvbiBhbmQgbGluayBl ZGl0b3IgZmxhZ3MNCi1YQ0ZMQUdTPS1uby1wcmVjb21wDQorWENGTEFHUz0t bm8tY3BwLXByZWNvbXANCiAjTVRfQ0ZMQUdTPS1EX1JFRU5UUkFOVCAtREFG U19QVEhSRUFEX0VOViAke1hDRkxBR1N9DQogI01UX0NDPWNjDQogS1JPT1Q9 DQpJbmRleDogc3JjL2NvbmZpZy9NYWtlZmlsZS5wcGNfZGFyd2luXzE0Lmlu DQo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09DQpSQ1MgZmlsZTogTWFrZWZpbGUu cHBjX2Rhcndpbl8xNC5pbg0KZGlmZiAtTiBNYWtlZmlsZS5wcGNfZGFyd2lu XzE0LmluDQotLS0gL2Rldi9udWxsCVR1ZSBNYXkgIDUgMTY6MzI6MjcgMTk5 OA0KKysrIE1ha2VmaWxlLnBwY19kYXJ3aW5fMTQuaW4JRnJpIE5vdiAgOSAy MzowOTowNCAyMDAxDQpAQCAtMCwwICsxLDQzIEBADQorIyBLZWVwIG1hY3Jv cyB3aXRoaW4gZWFjaCBzZWN0aW9uIGluIHNvcnRlZCBvcmRlciBmb3IgY2xl YW4gZGlmZiBkaXNwbGF5cy4NCisjDQorIyBBRlNfT1NUWVBFIHVzZWQgdG8g aW5kaWNhdGUgc3VmZml4ZXMgYW5kIG9zIHNwZWNpZmljIHN1YmRpcmVjdG9y aWVzLg0KK0FGU19PU1RZUEUgPSBEQVJXSU4NCisjDQorIw0KKyMgY29tcGls YXRpb24gYW5kIGxpbmsgZWRpdG9yIGZsYWdzDQorWENGTEFHUz0tbm8tY3Bw LXByZWNvbXANCisjTVRfQ0ZMQUdTPS1EX1JFRU5UUkFOVCAtREFGU19QVEhS RUFEX0VOViAke1hDRkxBR1N9DQorI01UX0NDPWNjDQorS1JPT1Q9DQorS0lO Q0xVREVTPS1JJChLUk9PVCkvU3lzdGVtL0xpYnJhcnkvRnJhbWV3b3Jrcy9L ZXJuZWwuZnJhbWV3b3JrL0hlYWRlcnMNCisjU0hBUkVfTERGTEFHUyA9DQor TFdQX09QVE1aPS1PMg0KK09QVE1aPS1PMg0KK0RCRz0tZw0KK1JFR0VYX09C Sj1yZWdleC5vDQorDQorDQorIw0KKyMgbGlicmFyaWVzDQorWExJQlM9QExJ Ql9BRlNEQkANCitUWExJQlM9DQorI01UTElCUz0NCisjWExJQkVMRkE9DQor I1hMSUJLVk09DQorIw0KK1NITElCX1NVRkZJWD0NCitTSExJQl9DRkxBR1M9 DQorIw0KKyMgcHJvZ3JhbXMNCitBUj1hcg0KK0FTPWFzDQorQ0M9Y2MNCitD UD1jcA0KK0lOU1RBTEw9JHtUT1BfU1JDRElSfS9waW5zdGFsbC9waW5zdGFs bA0KK0xFWD1sZXggLWwNCitMRD0gbGQNCitMT1JERVIgPSBsb3JkZXINCitN Vj1tdg0KK1JBTkxJQj1yYW5saWINCitSTT1ybQ0KK1NUUklQPSBzdHJpcA0K SW5kZXg6IHNyYy9jb25maWcvYWZzX3N5c25hbWVzLmgNCj09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT0NClJDUyBmaWxlOiAvY3ZzL29wZW5hZnMvc3JjL2NvbmZp Zy9hZnNfc3lzbmFtZXMuaCx2DQpyZXRyaWV2aW5nIHJldmlzaW9uIDEuMTQu Mi4xDQpkaWZmIC11IC1kIC1iIC13IC1yMS4xNC4yLjEgYWZzX3N5c25hbWVz LmgNCi0tLSBzcmMvY29uZmlnL2Fmc19zeXNuYW1lcy5oCTIwMDEvMTAvMTMg MDQ6MjE6MTgJMS4xNC4yLjENCisrKyBzcmMvY29uZmlnL2Fmc19zeXNuYW1l cy5oCTIwMDEvMTEvMTAgMDQ6MDk6MDQNCkBAIC00OSw2ICs0OSw3IEBADQog I2RlZmluZSBTWVNfTkFNRV9JRF9tYWNfbWFjaDUxCQkgNTAyDQogI2RlZmlu ZSBTWVNfTkFNRV9JRF9wcGNfZGFyd2luXzEyICAgICAgICA1MDMNCiAjZGVm aW5lIFNZU19OQU1FX0lEX3BwY19kYXJ3aW5fMTMgICAgICAgIDUwNA0KKyNk ZWZpbmUgU1lTX05BTUVfSURfcHBjX2Rhcndpbl8xNCAgICAgICAgNTA1DQog DQogI2RlZmluZSBTWVNfTkFNRV9JRF9uZXh0X21hY2gyMAkJIDYwMQ0KICNk ZWZpbmUgU1lTX05BTUVfSURfbmV4dF9tYWNoMzAJCSA2MDINCkluZGV4OiBz cmMvY29uZmlnL3BhcmFtLnBwY19kYXJ3aW5fMTQuaA0KPT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PQ0KUkNTIGZpbGU6IHBhcmFtLnBwY19kYXJ3aW5fMTQuaA0K ZGlmZiAtTiBwYXJhbS5wcGNfZGFyd2luXzE0LmgNCi0tLSAvZGV2L251bGwJ VHVlIE1heSAgNSAxNjozMjoyNyAxOTk4DQorKysgcGFyYW0ucHBjX2Rhcndp bl8xNC5oCUZyaSBOb3YgIDkgMjM6MDk6MDQgMjAwMQ0KQEAgLTAsMCArMSw2 MiBAQA0KKyNpZm5kZWYgQUZTX1BBUkFNX0gNCisjZGVmaW5lIEFGU19QQVJB TV9IDQorDQorI2RlZmluZSBBRlNfRU5WICAgICAgICAgICAgICAgICAxDQor I2RlZmluZSBBRlNfNjRCSVRfRU5WICAgICAgICAgICAxICAgICAgIC8qIERl ZmluZXMgYWZzX2ludDMyIGFzIGludCwgbm90IGxvbmcuICovDQorI2RlZmlu ZSBBRlNfUFBDX0VOViAxDQorI2RlZmluZSBBRlNfVkZTSU5DTF9FTlYgMQ0K Kw0KKyNpbmNsdWRlIDxhZnMvYWZzX3N5c25hbWVzLmg+DQorDQorI2RlZmlu ZSBBRlNfREFSV0lOX0VOVg0KKyNkZWZpbmUgQUZTX0RBUldJTjEzX0VOVg0K KyNkZWZpbmUgQUZTX0RBUldJTjE0X0VOVg0KKyNkZWZpbmUgQUZTX05PTkZT VFJBTlMNCisjZGVmaW5lIEFGU19TWVNDQUxMICAgICAgICAgICAgIDIzMA0K Kw0KKy8qIEZpbGUgc3lzdGVtIGVudHJ5ICh1c2VkIGlmIG1vdW50LmggZG9l c24ndCBkZWZpbmUgTU9VTlRfQUZTICovDQorI2RlZmluZSBBRlNfTU9VTlRf QUZTICAgICJhZnMiDQorDQorLyogTWFjaGluZSAvIE9wZXJhdGluZyBzeXN0 ZW0gaW5mb3JtYXRpb24gKi8NCisjZGVmaW5lIHN5c19wcGNfZGFyd2luXzEy ICAgMQ0KKyNkZWZpbmUgc3lzX3BwY19kYXJ3aW5fMTMgICAxDQorI2RlZmlu ZSBzeXNfcHBjX2Rhcndpbl8xNCAgIDENCisjZGVmaW5lIFNZU19OQU1FICAg ICAgICAicHBjX2Rhcndpbl8xNCINCisjZGVmaW5lIFNZU19OQU1FX0lEICAg ICBTWVNfTkFNRV9JRF9wcGNfZGFyd2luXzE0DQorI2RlZmluZSBBRlNCSUdf RU5ESUFOICAgMQ0KKyNkZWZpbmUgQUZTX0hBVkVfRkZTICAgIDEgICAgICAg LyogVXNlIHN5c3RlbSdzIGZmcy4gKi8NCisNCisjZGVmaW5lIEFGU19HQ1BB R1MgICAgICAgICAgICAgICAgMSAgICAgICAvKiBpZiBub256ZXJvLCBnYXJi YWdlIGNvbGxlY3QgUEFHcyAqLw0KKyNkZWZpbmUgUlhLX0xJU1RFTkVSX0VO ViAgICAgICAgIDENCisNCisjaWZkZWYgS0VSTkVMDQorI3VuZGVmIE1BQ1JP X0JFR0lODQorI3VuZGVmIE1BQ1JPX0VORA0KKyNpbmNsdWRlIDxrZXJuL21h Y3JvX2hlbHAuaD4NCisjZGVmaW5lIEFGU19HTE9CQUxfU1VOTE9DSyAgICAg ICAgMQ0KKyNkZWZpbmUgQUZTX1ZGUzM0ICAgICAgIDEgICAgICAgLyogV2hh dCBpcyBWRlMzND8/PyAqLw0KKyNkZWZpbmUgYWZzaW9faW92ICAgICAgIHVp b19pb3YNCisjZGVmaW5lIGFmc2lvX2lvdmNudCAgICB1aW9faW92Y250DQor I2RlZmluZSBhZnNpb19vZmZzZXQgICAgdWlvX29mZnNldA0KKyNkZWZpbmUg YWZzaW9fc2VnICAgICAgIHVpb19zZWdmbGcNCisjZGVmaW5lIGFmc2lvX3Jl c2lkICAgICB1aW9fcmVzaWQNCisjZGVmaW5lIEFGU19VSU9TWVMgICAgICBV SU9fU1lTU1BBQ0UNCisjZGVmaW5lIEFGU19VSU9VU0VSICAgICBVSU9fVVNF UlNQQUNFDQorI2RlZmluZSBBRlNfQ0xCWVRFUyAgICAgQ0xCWVRFUw0KKyNk ZWZpbmUgb3NpX0dldFRpbWUoeCkgIG1pY3JvdGltZSh4KQ0KKyNkZWZpbmUg QUZTX0tBTExPQyh4KSAgIGthbGxvYyh4KQ0KKyNkZWZpbmUgQUZTX0tGUkVF KHgseSkgIGtmcmVlKHgseSkNCisjZGVmaW5lIHZfY291bnQgICAgICAgICB2 X3VzZWNvdW50DQorI2RlZmluZSB2X3Zmc3AgICAgICAgICAgdl9tb3VudA0K KyNkZWZpbmUgdmZzX2JzaXplICAgICAgIG1udF9zdGF0LmZfYnNpemUNCisj ZGVmaW5lIHZmc19mc2lkICAgICAgICBtbnRfc3RhdC5mX2ZzaWQNCisjZGVm aW5lIHZhX25vZGVpZCAgICAgICB2YV9maWxlaWQNCisjZGVmaW5lIHZmc192 bm9kZWNvdmVyZWQgbW50X3Zub2RlY292ZXJlZA0KKyNkZWZpbmUgZGlyZWN0 ICAgICAgICAgIGRpcmVudA0KKyNkZWZpbmUgdm5vZGVfdCAgICAgICAgIHN0 cnVjdCB2bm9kZQ0KKw0KKyNkZWZpbmUgVk5fUkVMRSh2cCkgICAgIHZyZWxl KCgoc3RydWN0IHZub2RlICopKHZwKSkpDQorI2RlZmluZSBWTl9IT0xEKHZw KSAgICAgVlJFRigoKHN0cnVjdCB2bm9kZSAqKSh2cCkpKQ0KKw0KKyNlbmRp Zg0KKyNlbmRpZiAvKiBBRlNfUEFSQU1fSCAqLw0KSW5kZXg6IHNyYy9jb25m aWcvcGFyYW0ucHBjX2Rhcndpbl8xNF91c3IuaA0KPT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PQ0KUkNTIGZpbGU6IHBhcmFtLnBwY19kYXJ3aW5fMTRfdXNyLmgN CmRpZmYgLU4gcGFyYW0ucHBjX2Rhcndpbl8xNF91c3IuaA0KLS0tIC9kZXYv bnVsbAlUdWUgTWF5ICA1IDE2OjMyOjI3IDE5OTgNCisrKyBwYXJhbS5wcGNf ZGFyd2luXzE0X3Vzci5oCUZyaSBOb3YgIDkgMjM6MDk6MDQgMjAwMQ0KQEAg LTAsMCArMSw1MCBAQA0KKyNpZm5kZWYgQUZTX1BBUkFNX0gNCisjZGVmaW5l IEFGU19QQVJBTV9IDQorDQorI2RlZmluZSBBRlNfVkZTSU5DTF9FTlYgMSAg ICAgICAvKiBOT0JPRFkgdXNlcyB0aGlzLi4uLiAqLw0KKyNkZWZpbmUgQUZT X0VOViAgICAgICAgICAgICAgICAgMQ0KKyNkZWZpbmUgQUZTXzY0QklUX0VO ViAgICAgICAgICAgMSAgICAgICAvKiBEZWZpbmVzIGFmc19pbnQzMiBhcyBp bnQsIG5vdCBsb25nLiAqLw0KKyNkZWZpbmUgQUZTX1BQQ19FTlYgMQ0KKw0K KyNpbmNsdWRlIDxhZnMvYWZzX3N5c25hbWVzLmg+DQorI2RlZmluZSBBRlNf VVNFUlNQQUNFX0VOVg0KKyNkZWZpbmUgQUZTX1VTUl9EQVJXSU5fRU5WDQor I2RlZmluZSBBRlNfVVNSX0RBUldJTjEzX0VOVg0KKyNkZWZpbmUgQUZTX1VT Ul9EQVJXSU4xNF9FTlYNCisjZGVmaW5lIEFGU19OT05GU1RSQU5TIA0KKyNk ZWZpbmUgQUZTX1NZU0NBTEwgICAgICAgICAgICAgMjMwDQorDQorLyogRmls ZSBzeXN0ZW0gZW50cnkgKHVzZWQgaWYgbW91bnQuaCBkb2Vzbid0IGRlZmlu ZSBNT1VOVF9BRlMgKi8NCisjZGVmaW5lIEFGU19NT1VOVF9BRlMgICAgImFm cyINCisNCisvKiBNYWNoaW5lIC8gT3BlcmF0aW5nIHN5c3RlbSBpbmZvcm1h dGlvbiAqLw0KKyNkZWZpbmUgc3lzX3BwY19kYXJ3aW5fMTIgICAxDQorI2Rl ZmluZSBzeXNfcHBjX2Rhcndpbl8xMyAgIDENCisjZGVmaW5lIHN5c19wcGNf ZGFyd2luXzE0ICAgMQ0KKyNkZWZpbmUgU1lTX05BTUUgICAgICAgICJwcGNf ZGFyd2luXzE0Ig0KKyNkZWZpbmUgU1lTX05BTUVfSUQgICAgIFNZU19OQU1F X0lEX3BwY19kYXJ3aW5fMTQNCisjZGVmaW5lIEFGU0JJR19FTkRJQU4gICAx DQorI2RlZmluZSBBRlNfSEFWRV9GRlMgICAgMSAgICAgICAvKiBVc2Ugc3lz dGVtJ3MgZmZzLiAqLw0KKw0KKyNkZWZpbmUgQUZTX1VJT1NZUyAgICAgIFVJ T19TWVNTUEFDRQ0KKyNkZWZpbmUgQUZTX1VJT1VTRVIgICAgIFVJT19VU0VS U1BBQ0UNCisNCisjZGVmaW5lIEFGU19HQ1BBR1MgICAgICAgICAgICAgICAg MCAgICAgICAvKiBpZiBub256ZXJvLCBnYXJiYWdlIGNvbGxlY3QgUEFHcyAq Lw0KKyNkZWZpbmUgUlhLX0xJU1RFTkVSX0VOViAgICAgICAgICAxDQorDQor I2RlZmluZSBBRlNfVkZTMzQgICAgICAgMSAgICAgICAvKiBXaGF0IGlzIFZG UzM0Pz8/ICovDQorI2RlZmluZSBhZnNpb19pb3YgICAgICAgdWlvX2lvdg0K KyNkZWZpbmUgYWZzaW9faW92Y250ICAgIHVpb19pb3ZjbnQNCisjZGVmaW5l IGFmc2lvX29mZnNldCAgICB1aW9fb2Zmc2V0DQorI2RlZmluZSBhZnNpb19z ZWcgICAgICAgdWlvX3NlZ2ZsZw0KKyNkZWZpbmUgYWZzaW9fcmVzaWQgICAg IHVpb19yZXNpZA0KKyNkZWZpbmUgQUZTX1VJT1NZUyAgICAgIFVJT19TWVNT UEFDRQ0KKyNkZWZpbmUgQUZTX1VJT1VTRVIgICAgIFVJT19VU0VSU1BBQ0UN CisjZGVmaW5lICAgICAgICBWQVRUUl9OVUxMICAgICAgdXNyX3ZhdHRyX251 bGwNCisNCisjZGVmaW5lIEFGU19ESVJFTlQNCisjaWZuZGVmIENNU0VSVkVS UFJFRg0KKyNkZWZpbmUgQ01TRVJWRVJQUkVGDQorI2VuZGlmDQorDQorI2Vu ZGlmIC8qIEFGU19QQVJBTV9IICovDQpJbmRleDogc3JjL2xpYmFmcy9hZnMu cHBjX2Rhcndpbl8xNC5wbGlzdC5pbg0KPT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PQ0KUkNTIGZpbGU6IC9jdnMvb3BlbmFmcy9zcmMvbGliYWZzL2Fmcy5wcGNf ZGFyd2luXzE0LnBsaXN0LmluLHYNCnJldHJpZXZpbmcgcmV2aXNpb24gMS4x LjIuMQ0KZGlmZiAtdSAtZCAtYiAtdyAtcjEuMS4yLjEgYWZzLnBwY19kYXJ3 aW5fMTQucGxpc3QuaW4NCi0tLSBzcmMvbGliYWZzL2Fmcy5wcGNfZGFyd2lu XzE0LnBsaXN0LmluCTIwMDEvMDkvMTIgMDU6MDM6NTMJMS4xLjIuMQ0KKysr IHNyYy9saWJhZnMvYWZzLnBwY19kYXJ3aW5fMTQucGxpc3QuaW4JMjAwMS8x MS8xMCAwNDowOToyMA0KQEAgLTI1LDcgKzI1LDcgQEANCiAJCTxrZXk+Y29t LmFwcGxlLmtlcm5lbC5ic2Q8L2tleT4NCiAJCTxzdHJpbmc+MS4xPC9zdHJp bmc+DQogCQk8a2V5PmNvbS5hcHBsZS5rZXJuZWwubWFjaDwva2V5Pg0KLQkJ PHN0cmluZz4xLjAuMGIxPC9zdHJpbmc+DQorCQk8c3RyaW5nPjEuMTwvc3Ry aW5nPg0KIAk8L2RpY3Q+DQogPC9kaWN0Pg0KIDwvcGxpc3Q+DQo= --41945465-504382577-1005367984=:8225-- From ssen@MIT.EDU Sat Nov 10 02:11:00 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.72.0.53]) by grand.central.org (Postfix) with ESMTP id 7F04A9BDC for ; Sat, 10 Nov 2001 02:11:00 -0500 (EST) Received: from grand-central-station.mit.edu (GRAND-CENTRAL-STATION.MIT.EDU [18.7.21.82]) by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id CAA13123 for ; Sat, 10 Nov 2001 02:11:00 -0500 (EST) Received: from manawatu-mail-centre.mit.edu (MANAWATU-MAIL-CENTRE.MIT.EDU [18.7.21.85]) by grand-central-station.mit.edu (8.9.2/8.9.2) with ESMTP id CAA29803 for ; Sat, 10 Nov 2001 02:10:59 -0500 (EST) Received: from definitely-not-swedish.mit.edu (DEFINITELY-NOT-SWEDISH.MIT.EDU [18.18.1.89]) by manawatu-mail-centre.mit.edu (8.9.2/8.9.2) with ESMTP id CAA21869 for ; Sat, 10 Nov 2001 02:10:58 -0500 (EST) Received: (from ssen@localhost) by definitely-not-swedish.mit.edu (8.9.3) id CAA02866; Sat, 10 Nov 2001 02:10:58 -0500 (EST) Message-Id: <200111100710.CAA02866@definitely-not-swedish.mit.edu> To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] Darwin 1.4/Mac OS 10.1 patch In-Reply-To: Your message of "Fri, 09 Nov 2001 23:53:04 EST." Date: Sat, 10 Nov 2001 02:10:58 -0500 From: Shantonu Sen Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: FYI, for reasons that boggle the mind, the Darwin kernel version will soon be changing from 1.4 to 5.1. This change should be reflected in Darwin opensource CVS. This is cosmetic, but raises the interesting question of whether the sysname should be changed, or... Shantonu > Attached is my "official" patch for 1.4/10.1 against the OpenAFS 1.2.2 > release. I recommend that anyone using afs with 10.1 use this patch and > not one from any other source. In particular, no one else is likely to > have properly modified osi_VM_TryReclaim to work properly under the > Darwin 1.4 kernel. > From cg2v+@andrew.cmu.edu Sat Nov 10 14:09:53 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from po10.andrew.cmu.edu (PO10.ANDREW.CMU.EDU [128.2.10.110]) by grand.central.org (Postfix) with ESMTP id 1122C9BDC for ; Sat, 10 Nov 2001 14:09:53 -0500 (EST) Received: (from postman@localhost) by po10.andrew.cmu.edu (8.9.3/8.9.3) id OAA00791 for port-darwin@openafs.org; Sat, 10 Nov 2001 14:09:49 -0500 (EST) Received: via switchmail; Sat, 10 Nov 2001 14:09:48 -0500 (EST) Received: from sphinx.andrew.cmu.edu via qmail ID ; Sat, 10 Nov 2001 14:08:55 -0500 (EST) Received: from sphinx.andrew.cmu.edu via qmail ID ; Sat, 10 Nov 2001 14:08:54 -0500 (EST) Received: from mms.4.60.Jul.16.2001.15.18.20.i386.Linux.22.EzMail.2.0.CUILIB.3.45.SNAP.NOT.LINKED.sphinx.andrew.cmu.edu.i386.linux22 via MS.5.6.sphinx.andrew.cmu.edu.i386_Linux_22; Sat, 10 Nov 2001 14:08:54 -0500 (EST) Message-ID: Date: Sat, 10 Nov 2001 14:08:54 -0500 (EST) From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] Darwin 1.4/Mac OS 10.1 patch Cc: In-Reply-To: References: Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: It appears as though cvs diff is somewhat dumb. After applying the patch with patch -p0, you will want to mv *ppc_darwin14* src/config before trying to build From srb@umich.edu Tue Nov 20 11:22:41 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from changeofhabit.mr.itd.umich.edu (changeofhabit.mr.itd.umich.edu [141.211.144.17]) by grand.central.org (Postfix) with ESMTP id 702E89C34 for ; Tue, 20 Nov 2001 11:22:41 -0500 (EST) Received: from srb.icpsr.umich.edu (srb.icpsr.umich.edu [141.211.192.183]) by changeofhabit.mr.itd.umich.edu (8.9.3/3.2r) with ESMTP id LAA15295 for ; Tue, 20 Nov 2001 11:22:40 -0500 (EST) Date: Tue, 20 Nov 2001 11:22:33 -0500 From: Steve Burling To: port-darwin@openafs.org Message-ID: <3637527.1006255353@srb.icpsr.umich.edu> X-Mailer: Mulberry/2.1.1 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: [OpenAFS-port-darwin] Re: Darwin 1.4/Mac OS 10.1 patch Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: On Sat, 10 Nov 2001 14:08:54 -0500 Chaskiel M Grundman cg2v+@andrew.cmu.edu wrote: > It appears as though cvs diff is somewhat dumb. > > After applying the patch with patch -p0, you will want to > mv *ppc_darwin14* src/config before trying to build Chaskiel, will you be producing an OpenAFS installer for use on 10.1[.1]? -- Steve ----------------------------------------------------------------------- Steve Burling University of Michigan, ICPSR Voice: +1 734 998.9873 311 Maynard Street FAX: +1 734 998.9905 Ann Arbor, MI 48104-2211 From cg2v+@andrew.cmu.edu Tue Nov 20 15:16:43 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from po10.andrew.cmu.edu (PO10.ANDREW.CMU.EDU [128.2.10.110]) by grand.central.org (Postfix) with ESMTP id 22D859C57 for ; Tue, 20 Nov 2001 15:16:43 -0500 (EST) Received: (from postman@localhost) by po10.andrew.cmu.edu (8.9.3/8.9.3) id PAA00821 for port-darwin@openafs.org; Tue, 20 Nov 2001 15:16:42 -0500 (EST) Received: via switchmail; Tue, 20 Nov 2001 15:16:41 -0500 (EST) Received: from sphinx.andrew.cmu.edu via qmail ID ; Tue, 20 Nov 2001 15:14:51 -0500 (EST) Received: from sphinx.andrew.cmu.edu via qmail ID ; Tue, 20 Nov 2001 15:14:51 -0500 (EST) Received: from mms.4.60.Jul.16.2001.15.18.20.i386.Linux.22.EzMail.2.0.CUILIB.3.45.SNAP.NOT.LINKED.sphinx.andrew.cmu.edu.i386.linux22 via MS.5.6.sphinx.andrew.cmu.edu.i386_Linux_22; Tue, 20 Nov 2001 15:14:51 -0500 (EST) Message-ID: Date: Tue, 20 Nov 2001 15:14:51 -0500 (EST) From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] Re: Darwin 1.4/Mac OS 10.1 patch Cc: In-Reply-To: <3637527.1006255353@srb.icpsr.umich.edu> References: <3637527.1006255353@srb.icpsr.umich.edu> Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Excerpts from internet.computing.openafs.port-darwin: 20-Nov-101 [OpenAFS-port-darwin] Re: D.. by Steve Burling@umich.edu > Chaskiel, will you be producing an OpenAFS installer for use on 10.1[.1]? Not for openafs 1.2.2 The OpenAFS 1.2.2a interim release should be available real soon now. I've already uploaded the binaries. From David.P.Saracino.4@nd.edu Wed Nov 28 02:32:39 2001 Return-Path: Delivered-To: port-darwin@openafs.org Received: from dagger.nd.edu (dagger.nd.edu [129.74.250.101]) by grand.central.org (Postfix) with ESMTP id 7234B9BDC for ; Wed, 28 Nov 2001 02:32:39 -0500 (EST) Received: from [129.74.152.201] (saracino-4a.student.nd.edu [129.74.152.201]) by dagger.nd.edu (8.10.2/8.10.2) with ESMTP id fAS7Wbb04133 for ; Wed, 28 Nov 2001 02:32:38 -0500 (EST) User-Agent: Microsoft-Outlook-Express-Macintosh-Edition/5.02.2022 Date: Wed, 28 Nov 2001 02:32:38 -0500 From: David Saracino To: Message-ID: Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Subject: [OpenAFS-port-darwin] iBook tokens problems Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I'm having trouble getting a token on my new iBook, and I can't, for the life of me, figure it out. I installed and successfully got a token with 1.2.2 and 1.2.2a on an old clam-shell 366 iBook. However, on a new (non-clamshell) iBook, I am unable to get a token. I installed the new package and am able to see afs cells, but klog returns the following error when I try to get a token: Unable to authenticate to AFS because authentication server was passed a bad ticket. Has anybody experienced a similar problem, or have any idea why this might be happening? I must have installed OS X (10.0.x and 10.1.x), using both the iBook distribution cd and a generic OS X cd, at least 50 times in the past few days, but sadly to know avail. Any suggestions would be greatly appreciated. Thanks, David Saracino From ragge@nada.kth.se Sat Jan 12 19:05:46 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from socko.nada.kth.se (socko.nada.kth.se [130.237.225.116]) by grand.central.org (Postfix) with ESMTP id A994F9C3E for ; Sat, 12 Jan 2002 19:05:45 -0500 (EST) Received: from [10.0.1.15] (h163n1fls33o882.telia.com [213.66.162.163]) (authenticated bits=0) by socko.nada.kth.se (8.12.1/8.12.1) with ESMTP id g0D05hwN025532 for ; Sun, 13 Jan 2002 01:05:44 +0100 (MET) Date: Sun, 13 Jan 2002 01:06:26 +0100 From: Ragnar Sundblad To: port-darwin@openafs.org Message-ID: <1738963757.1010883986@[10.0.1.15]> In-Reply-To: <20011128170103.33D129C21@grand.central.org> References: <20011128170103.33D129C21@grand.central.org> X-Mailer: Mulberry/2.1.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: [OpenAFS-port-darwin] OpenAFS and MacosX 10.1.2/Darwin 5.2 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hello, all! I have been playing with OpenAFS on MacOSX 10.1.2 (Darwin 5.2). I built it with --host=powerpc-apple-darwin1.4. When exercised a little, I get a few of these syslogged: "mach_kernel: ubc_release didn't release the reference?!", which one can find in osi_VM_TryReclaim() (src/afs/DARWIN/osi_vm.c) like so: ... if (ubc_issetflags(vp, UI_WASMAPPED)) { simple_unlock(&vp->v_interlock); #ifdef AFS_DARWIN14_ENV ubc_release_named(vp); #else ubc_release(vp); #endif if (ubc_issetflags(vp, UI_HASOBJREF)) printf("ubc_release didn't release the reference?!\n"); } else if (... ... Is this bad? Should the code be updated for 10.1.2/5.2? If so, is anyone out there working on that? (Kind of tricky without the kernel source, maybe :-) I have also had a few crashes. I haven't had the symbols for the afs kext, and certainly not for the kernel since the source isn't out yet, but it has been in sorecieve every time. (sorry, thought I hade a backtrace at least, but I have lost it.) Has anyone else seen this? /ragge From ragge@nada.kth.se Mon Jan 14 16:04:29 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from socko.nada.kth.se (socko.nada.kth.se [130.237.225.116]) by grand.central.org (Postfix) with ESMTP id 4D12D9C1B for ; Mon, 14 Jan 2002 16:04:28 -0500 (EST) Received: from rp (dyna225-118.nada.kth.se [130.237.225.118]) (authenticated bits=0) by socko.nada.kth.se (8.12.1/8.12.1) with ESMTP id g0EL4QMo011885 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Mon, 14 Jan 2002 22:04:26 +0100 (MET) Date: Mon, 14 Jan 2002 22:05:15 +0100 From: Ragnar Sundblad To: port-darwin@openafs.org Message-ID: <1900892438.1011045915@rp> In-Reply-To: <1738963757.1010883986@[10.0.1.15]> References: <1738963757.1010883986@[10.0.1.15]> X-Mailer: Mulberry/2.1.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: [OpenAFS-port-darwin] OpenAFS and MacosX 10.1.2/Darwin 5.2 - new and old crash Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Got another crash, while shutting down: ... continuing WARM shutting down of: CB... afs... BkG... CTrunc... AFSDB... RxEvent... RxListener... panic(cpu 0): sbdrop Latest stack bracktrace for cpu 0: Backtrace: [see below] Kernel loadable modules in backtrace: org.openafs.fileystems.afs(1.2.2)@0xaf16000 Proceeding back via exception chain: .... Backtrace from remote gdb: #0 0x00081964 in Debugger () #1 0x00028080 in panic () #2 0x000417ec in zalloc_canblock () #3 0x0002d02c in kalloc_canblock () #4 0x001842cc in _MALLOC () #5 0x001a35c0 in dup_sockaddr () #6 0x001a02fc in soreceive () #7 0x0af6b5e0 in ?? () #8 0x0af6c998 in ?? () #9 0x0af6cd0c in ?? () #10 0x0af7fef4 in ?? () #11 0x0af81810 in ?? () #12 0x00092b88 in unix_syscall () #13 0x0008ed40 in .L_call_server_syscall_exception () #14 0x616d6470 in ?? () Cannot access memory at address 0xbfffc870 And the other one: --On den 13 januari 2002 01:06 +0100 Ragnar Sundblad wrote: ... > I have also had a few crashes. I haven't had the symbols for > the afs kext, and certainly not for the kernel since the source > isn't out yet, but it has been in sorecieve every time. > (sorry, thought I hade a backtrace at least, but I have lost it.) ... Found it: #0 0x00081964 in Debugger () #1 0x00028080 in panic () #2 0x000417ec in zalloc_canblock () #3 0x0002d02c in kalloc_canblock () #4 0x001842cc in _MALLOC () #5 0x001a35c0 in dup_sockaddr () #6 0x001a02fc in soreceive () #7 0x0af6b5e0 in ?? () #8 0x0af6c998 in ?? () #9 0x0af6cd0c in ?? () #10 0x0af7fef4 in ?? () #11 0x0af81810 in ?? () #12 0x00092b88 in unix_syscall () #13 0x0008ed40 in .L_call_server_syscall_exception () #14 0x616d6470 in ?? () Cannot access memory at address 0xbfffc870 (Does anybody listen? Does anybody use this info? :-) /ragge From ragge@nada.kth.se Mon Jan 14 16:08:52 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from socko.nada.kth.se (socko.nada.kth.se [130.237.225.116]) by grand.central.org (Postfix) with ESMTP id CFD3C9C1B for ; Mon, 14 Jan 2002 16:08:51 -0500 (EST) Received: from rp (dyna225-118.nada.kth.se [130.237.225.118]) (authenticated bits=0) by socko.nada.kth.se (8.12.1/8.12.1) with ESMTP id g0EL8oMo012403 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Mon, 14 Jan 2002 22:08:51 +0100 (MET) Date: Mon, 14 Jan 2002 22:09:40 +0100 From: Ragnar Sundblad To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] OpenAFS and MacosX 10.1.2/Darwin 5.2 - new and old crash Message-ID: <1901157349.1011046180@rp> In-Reply-To: <1900892438.1011045915@rp> References: <1900892438.1011045915@rp> X-Mailer: Mulberry/2.1.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Sorry! The first backtrace was wrong! Silly me! --On den 14 januari 2002 22:05 +0100 Ragnar Sundblad wrote: > Got another crash, while shutting down: > ... > continuing > WARM shutting down of: CB... afs... BkG... CTrunc... AFSDB... RxEvent... > RxListener... panic(cpu 0): sbdrop Latest stack bracktrace for cpu 0: > Backtrace: > [see below] > Kernel loadable modules in backtrace: > org.openafs.fileystems.afs(1.2.2)@0xaf16000 > Proceeding back via exception chain: > .... > Backtrace from remote gdb: ... #0 0x00081964 in Debugger () #1 0x00028080 in panic () #2 0x001a3068 in sbdrop () #3 0x001a2f24 in sbflush () #4 0x001a25b8 in sbrelease () #5 0x001a0a54 in sorflush () #6 0x0019ef84 in sofree () #7 0x0019f1cc in soclose () #8 0x0af6b764 in ?? () #9 0x0af81e38 in ?? () #10 0x0af8f3f0 in ?? () #11 0x000ad874 in dounmount () #12 0x000abe8c in vfs_unmountall () #13 0x001877c8 in boot () #14 0x0018e020 in reboot () #15 0x00092b88 in unix_syscall () #16 0x0008ed40 in .L_call_server_syscall_exception () #17 0x7369676e in ?? () Cannot access memory at address 0xbffffed0 From cg2v@andrew.cmu.edu Tue Jan 15 15:02:39 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp7.andrew.cmu.edu (SMTP7.ANDREW.CMU.EDU [128.2.10.87]) by grand.central.org (Postfix) with ESMTP id 74C5B9BDD for ; Tue, 15 Jan 2002 15:02:39 -0500 (EST) Received: from sphinx.andrew.cmu.edu (SPHINX.ANDREW.CMU.EDU [128.2.121.9]) (user=cg2v mech=KERBEROS_V4 (0 bits)) by smtp7.andrew.cmu.edu (8.12.2.Beta3/8.12.2.Beta3) with ESMTP id g0FK2RBr025369 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Tue, 15 Jan 2002 15:02:32 -0500 Date: Tue, 15 Jan 2002 15:02:33 -0500 From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] OpenAFS and MacosX 10.1.2/Darwin 5.2 - new and old crash Message-ID: <25540000.1011124953@sphinx.andrew.cmu.edu> In-Reply-To: <1901157349.1011046180@rp> X-Mailer: Mulberry/2.0.6 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I don't really use my macos machine a whole lot, so I don't tend to notice upgrades.... If they've changed the ubc_release behavior *again*, I'm going to have to find some time (and the source) and figure out what it is. I do not know when I will get to it. As far as the soreceive panic is concerned, knowing what the panic message is would be useful. it's possible that the code is holding a spinlock where it shouldn't be, but it might be something else. From ragge@nada.kth.se Thu Jan 17 15:59:26 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from socko.nada.kth.se (socko.nada.kth.se [130.237.225.116]) by grand.central.org (Postfix) with ESMTP id 1691F9BDD for ; Thu, 17 Jan 2002 15:59:26 -0500 (EST) Received: from rp (dyna225-118.nada.kth.se [130.237.225.118]) (authenticated bits=0) by socko.nada.kth.se (8.12.1/8.12.1) with ESMTP id g0HKxJUM009865 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 17 Jan 2002 21:59:20 +0100 (MET) Date: Thu, 17 Jan 2002 22:00:17 +0100 From: Ragnar Sundblad To: Chaskiel M Grundman , port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] OpenAFS and MacosX 10.1.2/Darwin 5.2 - new and old crash Message-ID: <2159794059.1011304817@rp> In-Reply-To: <25540000.1011124953@sphinx.andrew.cmu.edu> References: <25540000.1011124953@sphinx.andrew.cmu.edu> X-Mailer: Mulberry/2.1.2 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 15 januari 2002 15:02 -0500 Chaskiel M Grundman wrote: > If they've changed the ubc_release behavior *again*, I'm going to have to > find some time (and the source) and figure out what it is. I do not know > when I will get to it. I am not familiar with the bowels of the ubc, or the rest of the relevant code either for that matter, so I am afraid I am not of very much help trying to assist with this. Anyway, the source is there now, or rather, one minor version later is there now. It has cvs tag Apple-201-15 (MacOS X 10.1.2 is xnu-201.14 which, if I have understood this, should have been Apple-201-14 in the public cvs repository). /ragge From arosenbl@mac.com Tue Jan 22 00:55:23 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtpout.mac.com (unknown [204.179.120.86]) by grand.central.org (Postfix) with ESMTP id 632529C0D for ; Tue, 22 Jan 2002 00:55:23 -0500 (EST) Received: from smtp-relay01.mac.com (server-source-si02 [10.13.10.6]) by smtpout.mac.com (8.12.1/8.10.2/1.0) with ESMTP id g0M5tMOW024771 for ; Mon, 21 Jan 2002 21:55:22 -0800 (PST) Received: from asmtp01.mac.com ([10.13.10.65]) by smtp-relay01.mac.com (Netscape Messaging Server 4.15 relay01 Jun 21 2001 23:53:48) with ESMTP id GQBSGA00.5GC for ; Mon, 21 Jan 2002 21:55:22 -0800 Received: from localhost ([166.90.245.14]) by asmtp01.mac.com (Netscape Messaging Server 4.15 asmtp01 Jun 21 2001 23:53:48) with ESMTP id GQBSG900.VDL for ; Mon, 21 Jan 2002 21:55:21 -0800 Date: Tue, 22 Jan 2002 00:55:17 -0500 Mime-Version: 1.0 (Apple Message framework v480) Content-Type: text/plain; charset=US-ASCII; format=flowed From: Aaron Rosenblum To: port-darwin@openafs.org Content-Transfer-Encoding: 7bit Message-Id: <9C82258E-0EFC-11D6-8377-00039350D34C@mac.com> X-Mailer: Apple Mail (2.480) Subject: [OpenAFS-port-darwin] pioctl failed? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hey all, Tonight I finally tried to get OpenAFS running on my MacOS 10.1.2 box. I installed the package for 10.1 from the OpenAFS.org site and took the krb5.conf file CellServDB and ThisCell files from another UNIX box that is known to work in my Cell. I can get kerberos tickets using the KfM GUI app and kinit commands. I put the line: -memcache -blocks 48000 -daemons 3 -volumes 70 -nosettime -rootvol user.arosenbl in my /var/db/openafs/etc/config/afsd.options file as was recommended by other users at my site. However, when I issue the klog command I get this error: [localhost:openafs/etc/config] arosenbl% klog Password: Unable to authenticate to AFS because a pioctl failed. I have changed my local UID to be my viceID and chowned all of my local files. Anyone know what this means and why it might be doing this? thanks Aaron From jackson@CMU.EDU Tue Jan 22 13:42:53 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.ANDREW.CMU.EDU [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id 176599C0C for ; Tue, 22 Jan 2002 13:42:53 -0500 (EST) Received: from [0.0.0.0] (TI.WV.CC.CMU.EDU [128.2.72.139]) (user=jackson mech=KERBEROS_V4 (0 bits)) by smtp5.andrew.cmu.edu (8.12.2.Beta3/8.12.2.Beta3) with ESMTP id g0MIgmPl011956; Tue, 22 Jan 2002 13:42:49 -0500 Date: Tue, 22 Jan 2002 13:42:49 -0500 From: Joseph Jackson To: Aaron Rosenblum , port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] pioctl failed? Message-ID: <352367.1011706969@[0.0.0.0]> In-Reply-To: <9C82258E-0EFC-11D6-8377-00039350D34C@mac.com> References: <9C82258E-0EFC-11D6-8377-00039350D34C@mac.com> Originator-Info: login-token=Mulberry:01mY+eNQPwAaD+8Apx/AjResyCvgfzEJoCr/+eDr3Eac4=; token_authority=true X-Mailer: Mulberry/2.1.1 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Aaron, Klog will lead to a pioctl failure if AFS doesn't properly load. Have you verified that it starts up okay? I assume you restarted after installing. Does /afs have anything in it? What processes are running (% ps auxww)? Next, I would try running without the options file in place. If taking away the options makes "klog" happy, try figuring out which one causes the problem. It's probably the -memcache part or your choice of a root volume. Joe Jackson, Computing Services, Carnegie Mellon University. From arosenbl@mac.com Tue Jan 22 15:35:50 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtpout.mac.com (smtpout.mac.com [204.179.120.88]) by grand.central.org (Postfix) with ESMTP id 309DB9C2B for ; Tue, 22 Jan 2002 15:35:50 -0500 (EST) Received: from smtp-relay02.mac.com (server-source-si02 [10.13.10.6]) by smtpout.mac.com (8.12.1/8.10.2/1.0) with ESMTP id g0MKZjwu006107 for ; Tue, 22 Jan 2002 12:35:49 -0800 (PST) Received: from asmtp02.mac.com ([10.13.10.66]) by smtp-relay02.mac.com (Netscape Messaging Server 4.15 relay02 Jun 21 2001 23:53:48) with ESMTP id GQCX7L00.JEH for ; Tue, 22 Jan 2002 12:35:45 -0800 Received: from student1.us.itd.umich.edu ([141.213.237.67]) by asmtp02.mac.com (Netscape Messaging Server 4.15 asmtp02 Jun 21 2001 23:53:48) with ESMTP id GQCX7K00.Q06; Tue, 22 Jan 2002 12:35:44 -0800 Date: Tue, 22 Jan 2002 15:35:43 -0500 Subject: Re: [OpenAFS-port-darwin] pioctl failed? Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v480) Cc: port-darwin@openafs.org To: Aaron Rosenblum From: Aaron Rosenblum In-Reply-To: <9C82258E-0EFC-11D6-8377-00039350D34C@mac.com> Message-Id: <9B68572E-0F77-11D6-A0BC-0030656AE108@mac.com> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.480) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Thanks to you all, I got it working. It turned out that the startup script was messed up for some reason. You guys were right, AFS was not loading on startup. But now it works and I can get to AFS! Ad for why I changed my local UID to my viceID, I was told that for me to be able to edit the files in my AFS space that are owned by me, I must use my viceID as my local UID because the finder doesn't quite understand what is going on in AFS land. My ID on the campus machines is not 501 like it is by default on my MacOS X machine. If there is a better solution to this, please let me know! thanks again Aaron Rosenblum University of Michigan On Tuesday, January 22, 2002, at 12:55 AM, Aaron Rosenblum wrote: > Hey all, > > Tonight I finally tried to get OpenAFS running on my MacOS 10.1.2 box. > I installed the package for 10.1 from the OpenAFS.org site and took the > krb5.conf file CellServDB and ThisCell files from another UNIX box that > is known to work in my Cell. I can get kerberos tickets using the KfM > GUI app and kinit commands. I put the line: > > -memcache -blocks 48000 -daemons 3 -volumes 70 -nosettime -rootvol > user.arosenbl > > in my /var/db/openafs/etc/config/afsd.options file as was recommended > by other users at my site. However, when I issue the klog command I > get this error: > > [localhost:openafs/etc/config] arosenbl% klog > Password: > Unable to authenticate to AFS because a pioctl failed. > > I have changed my local UID to be my viceID and chowned all of my local > files. Anyone know what this means and why it might be doing this? > > thanks > > Aaron > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin From ragge@nada.kth.se Tue Jan 22 16:13:22 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from socko.nada.kth.se (socko.nada.kth.se [130.237.225.116]) by grand.central.org (Postfix) with ESMTP id E5B699C34 for ; Tue, 22 Jan 2002 16:13:21 -0500 (EST) Received: from rp (dyna225-118.nada.kth.se [130.237.225.118]) (authenticated bits=0) by socko.nada.kth.se (8.12.1/8.12.1) with ESMTP id g0ML9oKH027997 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Tue, 22 Jan 2002 22:09:51 +0100 (MET) Date: Tue, 22 Jan 2002 22:09:56 +0100 From: Ragnar Sundblad To: Aaron Rosenblum Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] pioctl failed? Message-ID: <320390937.1011737396@rp> In-Reply-To: <9B68572E-0F77-11D6-A0BC-0030656AE108@mac.com> References: <9B68572E-0F77-11D6-A0BC-0030656AE108@mac.com> X-Mailer: Mulberry/2.1.2 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 22 januari 2002 15:35 -0500 Aaron Rosenblum wrote: > Thanks to you all, I got it working. It turned out that the startup > script was messed up for some reason. You guys were right, AFS was not > loading on startup. But now it works and I can get to AFS! Ad for why I > changed my local UID to my viceID, I was told that for me to be able to > edit the files in my AFS space that are owned by me, I must use my viceID > as my local UID because the finder doesn't quite understand what is going > on in AFS land. My ID on the campus machines is not 501 like it is by > default on my MacOS X machine. If there is a better solution to this, > please let me know! > > thanks again > > Aaron Rosenblum > University of Michigan I believe that what Finder should do on AFS volumes and other "foreign" file systems is either - Learn the semantics or - Allow for plugins to get and manipulate rights or in the general case when semantics are unknown - use the access() call to get the user's rights for each file and catalog. We have discussed this with Apple folks, but they think that using access() would make the Finder slower. Maybe it would a little, but on the other hand the current solution is kind of unusable. To get around that you have to fake your information: 1. Sync your unix user UIDs with the AFS PTS database's IDs 2. Set all file and dir access bits to reflect your real afs permission, which can be different for each user. /ragge From srb@umich.edu Thu Jan 31 10:08:39 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from changeofhabit.mr.itd.umich.edu (changeofhabit.mr.itd.umich.edu [141.211.144.17]) by grand.central.org (Postfix) with ESMTP id 17F949C48 for ; Thu, 31 Jan 2002 10:08:39 -0500 (EST) Received: from srb.icpsr.umich.edu (srb.icpsr.umich.edu [141.211.192.183]) by changeofhabit.mr.itd.umich.edu (8.9.3/3.2r) with ESMTP id KAA13859; Thu, 31 Jan 2002 10:08:27 -0500 (EST) Date: Thu, 31 Jan 2002 10:08:29 -0500 From: Steve Burling To: port-darwin@openafs.org Message-ID: <2033573.1012471709@srb.icpsr.umich.edu> X-Mailer: Mulberry/2.1.2 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: [OpenAFS-port-darwin] AFS-related kernel panic on Mac OS X Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: A colleague not on this list asked that I post this here, to see whether anyone knows what might be going on. I've never seen this myself, but... panic (cpu 0): vref used where vget required Lastest stack backtrace for cpu 0: Backtrace: 0x00081568 0x00081908 0x00028080 0x000aa640 0x184fc00c 0x184e9d7c 0x1853137c 0x000aadd0 0x000b5270 0x000b5cc0 0x00180134 0x0017f490 0x00092b88 0x0008ed40 0x00000000 Kernel loadable modules in backtrace: org.openafs.filesystems.afs (1.2.2)@184c9000 Proceeding back via exception chain" Exception state (sv=0x1816c800) PC=0x7000a60c; MSR=0x0000d030; DAR=0x0117000; DSISR=0x42000000; LR=0x00002574; R1=0xbffff720; XCP=0x00000030 (0xc00 - system call) Kernel version: Darwin Kernel Version 5.2: Fri Dec 7 21:39:35 PST 2001; root: xnu/xnu-201.14.obj~1/RELEASE_PPC Debugger (panic) -- Steve ----------------------------------------------------------------------- Steve Burling University of Michigan, ICPSR Voice: +1 734 998.9873 311 Maynard Street FAX: +1 734 998.9905 Ann Arbor, MI 48104-2211 From jackson@CMU.EDU Fri Feb 1 12:25:24 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp6.andrew.cmu.edu (SMTP6.ANDREW.CMU.EDU [128.2.10.86]) by grand.central.org (Postfix) with ESMTP id 2336E9D07 for ; Fri, 1 Feb 2002 12:25:24 -0500 (EST) Received: from [0.0.0.0] (SARATOGA.CC.CMU.EDU [128.2.120.70]) (user=jackson mech=KERBEROS_V4 (0 bits)) by smtp6.andrew.cmu.edu (8.12.2.Beta3/8.12.2.Beta3) with ESMTP id g11HPMKS029287 for ; Fri, 1 Feb 2002 12:25:23 -0500 Date: Fri, 01 Feb 2002 12:25:22 -0500 From: Joseph Jackson To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] AFS-related kernel panic on Mac OS X Message-ID: <10017777.1012566321@[0.0.0.0]> In-Reply-To: <2033573.1012471709@srb.icpsr.umich.edu> References: <2033573.1012471709@srb.icpsr.umich.edu> Originator-Info: login-token=Mulberry:01j5N6avn03dXU7fe+xPD46B+98ZPlv97r6PIA75jG4v4=; token_authority=postmaster@andrew.cmu.edu X-Mailer: Mulberry/2.1.2 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I've seen two or three of these panics over the past two weeks. Before that, I didn't see a single panic with the current version. It may be related to 10.1.2, but the timing doesn't seem to line up. Anyway, I'll see if we can use my machine as a guinea pig for further debugging. Joe Jackson, Carnegie Mellon University. --On 1/31/02 10:08 AM -0500 Steve Burling wrote: > A colleague not on this list asked that I post this here, to see whether > anyone knows what might be going on. I've never seen this myself, but... > > panic (cpu 0): vref used where vget required From arosenbl@umich.edu Tue Feb 5 16:51:26 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from harumscarum.mr.itd.umich.edu (harumscarum.mr.itd.umich.edu [141.211.125.17]) by grand.central.org (Postfix) with ESMTP id BC9879D85 for ; Tue, 5 Feb 2002 16:51:25 -0500 (EST) Received: from student1.us.itd.umich.edu (student1.us.itd.umich.edu [141.213.237.67]) by harumscarum.mr.itd.umich.edu (8.9.3/3.3s) with ESMTP id QAA04237 for ; Tue, 5 Feb 2002 16:51:25 -0500 (EST) Date: Tue, 5 Feb 2002 16:51:24 -0500 Mime-Version: 1.0 (Apple Message framework v480) Content-Type: text/plain; charset=US-ASCII; format=flowed From: Aaron Rosenblum To: port-darwin@openafs.org Content-Transfer-Encoding: 7bit Message-Id: <7FAFD800-1A82-11D6-A0E6-0030656AE108@umich.edu> X-Mailer: Apple Mail (2.480) Subject: [OpenAFS-port-darwin] AFS Home directory root level and finder? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hey all, I have successfully installed OpenAFS and configured it for use at my site. I have it set to mount my home directory at /afs. It works very well so far. However, I have noticed that files at the root of my home directory don't show up in the Finder unless I 1) Log Out and Log in again, or 2) Force Quit the finder and make it refresh. Has anyone else experienced this? Is there a work around? I assume that this is an issue with the finder that will be fixed, but I thought I would ask anyways... Aaron From knauel@informatik.uni-tuebingen.de Mon Jul 8 05:56:11 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mx1.informatik.uni-tuebingen.de (mx1.Informatik.Uni-Tuebingen.De [134.2.12.5]) by grand.central.org (Postfix) with ESMTP id B086A9C1E for ; Mon, 8 Jul 2002 05:56:10 -0400 (EDT) Received: from jimi.informatik.uni-tuebingen.de (jimi [134.2.12.83]) by mx1.informatik.uni-tuebingen.de (Postfix) with ESMTP id A30584B2 for ; Mon, 8 Jul 2002 11:56:09 +0200 (MST) Received: from jimi.informatik.uni-tuebingen.de (localhost [127.0.0.1]) by jimi.informatik.uni-tuebingen.de (8.12.2/8.12.2) with ESMTP id g689u93T001061 for ; Mon, 8 Jul 2002 11:56:09 +0200 (CEST) Received: (from knauel@localhost) by jimi.informatik.uni-tuebingen.de (8.12.2/8.12.2/Submit) id g689u9JQ001056; Mon, 8 Jul 2002 11:56:09 +0200 (CEST) X-Authentication-Warning: jimi.informatik.uni-tuebingen.de: knauel set sender to knauel@informatik.uni-tuebingen.de using -f To: port-darwin@openafs.org From: Eric Knauel Date: Mon, 08 Jul 2002 11:56:06 +0200 Message-ID: Lines: 20 User-Agent: Gnus/5.090006 (Oort Gnus v0.06) XEmacs/21.4 (Honest Recruiter, powerpc-apple-darwin5.4) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: [OpenAFS-port-darwin] ubc_release Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hi, I upgraded my machine to OS X 10.1.5 (Darwin 5.5) recently. The OpenAFS from CVS used to work very fine with OS X 10.1.4 (Darwin 5.4), but now I see lot's of messages like this one in /var/log/system.log: Jul 8 11:41:18 jimi mach_kernel: ubc_release didn't release the reference?! Jul 8 11:41:18 jimi last message repeated 4 times Jul 8 11:43:44 jimi last message repeated 10 times Jul 8 11:53:29 jimi last message repeated 45 times It seems that OpenAFS writes this message. Where can I find more information on what this means? Especially I'd like to find out if it's something harmless or not. ;-) Ciao, Eric -- "Excuse me --- Di Du Du Duuuuh Di Dii --- Huh Weeeheeee" (Albert King) From cg2v@andrew.cmu.edu Mon Jul 8 10:51:15 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp7.andrew.cmu.edu (SMTP7.andrew.cmu.edu [128.2.10.87]) by grand.central.org (Postfix) with ESMTP id 6E28A9C12 for ; Mon, 8 Jul 2002 10:51:15 -0400 (EDT) Received: from sphinx.andrew.cmu.edu (SPHINX.ANDREW.CMU.EDU [128.2.121.9]) (user=cg2v mech=KERBEROS_V4 (0 bits)) by smtp7.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g68EpEtn008115 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NOT) for ; Mon, 8 Jul 2002 10:51:14 -0400 Date: Mon, 08 Jul 2002 10:51:13 -0400 From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] ubc_release Message-ID: <4020000.1026139873@sphinx.andrew.cmu.edu> In-Reply-To: References: X-Mailer: Mulberry/2.1.2 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On Monday, July 08, 2002 11:56:06 +0200 Eric Knauel wrote: > It seems that OpenAFS writes this message. Where can I find more > information on what this means? Especially I'd like to find out if > it's something harmless or not. ;-) The message is printed by OpenAFS in src/afs/DARWIN/osi_vm.c:osi_VM_TryReclaim() What it means is that an operation I was using to try and get ubc to stop using stopped having an effect. As to whether or not it's harmless.... The condition the message is warning about in of itself is harmless; however, it's possible that your system will eventually run out of vcache entries and panic. I will have to look at the apple kernel code to see what they changed and what I might be able to do to work around it. From cg2v@andrew.cmu.edu Mon Jul 8 15:29:28 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp7.andrew.cmu.edu (SMTP7.andrew.cmu.edu [128.2.10.87]) by grand.central.org (Postfix) with ESMTP id 7F7499C26 for ; Mon, 8 Jul 2002 15:29:28 -0400 (EDT) Received: from sphinx.andrew.cmu.edu (SPHINX.ANDREW.CMU.EDU [128.2.121.9]) (user=cg2v mech=KERBEROS_V4 (0 bits)) by smtp7.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g68JTRtn023315 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NOT) for ; Mon, 8 Jul 2002 15:29:27 -0400 Date: Mon, 08 Jul 2002 15:29:28 -0400 From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] ubc_release Message-ID: <8890000.1026156567@sphinx.andrew.cmu.edu> In-Reply-To: <4020000.1026139873@sphinx.andrew.cmu.edu> References: <4020000.1026139873@sphinx.andrew.cmu.edu> X-Mailer: Mulberry/2.1.2 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On Monday, July 08, 2002 10:51:13 -0400 Chaskiel M Grundman wrote: >> It seems that OpenAFS writes this message. Where can I find more >> information on what this means? Especially I'd like to find out if >> it's something harmless or not. ;-) > > I will have to look at the apple kernel code to see what they changed > and what I might be able to do to work around it. It looks like they haven't changed anything, and the problem is that I never let a process just run in afs for a long period of time. The message is harmless, if annoying. I've made a change to my sources that *should* fix this, and the change should make it into OpenAFS 1.2.6 easily, once I actually test it. From melliott@ncsa.uiuc.edu Mon Aug 5 16:26:42 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail.ncsa.uiuc.edu (mail.ncsa.uiuc.edu [141.142.2.28]) by grand.central.org (Postfix) with ESMTP id F0F6F9CB4 for ; Mon, 5 Aug 2002 16:26:41 -0400 (EDT) X-Envelope-From: melliott@ncsa.uiuc.edu X-Envelope-To: Received: from [141.142.22.21] (speed.ncsa.uiuc.edu [141.142.22.21]) by mail.ncsa.uiuc.edu (8.11.6/8.11.6) with ESMTP id g75KQgV13003 for ; Mon, 5 Aug 2002 15:26:42 -0500 Mime-Version: 1.0 X-Sender: melliott@mail1.ncsa.uiuc.edu Message-Id: Date: Mon, 5 Aug 2002 15:26:34 -0500 To: port-darwin@openafs.org From: Matt Elliott Content-Type: text/plain; charset="us-ascii" Subject: [OpenAFS-port-darwin] Rename MacOS X packages Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I'd like to rename the Mac OS X OpenAFS.pkg files to include the version number. When I rename the package the install no longer seems to work. Is there something in the OpenAFS.pkg that needs to be modified if you change the file name of the package? -- Matt Elliott Production Systems Infrastructure 217-265-0257 From melliott@ncsa.uiuc.edu Mon Aug 5 16:53:17 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail.ncsa.uiuc.edu (mail.ncsa.uiuc.edu [141.142.2.28]) by grand.central.org (Postfix) with ESMTP id CA2C59C28 for ; Mon, 5 Aug 2002 16:53:16 -0400 (EDT) X-Envelope-From: melliott@ncsa.uiuc.edu X-Envelope-To: Received: from [141.142.22.21] (speed.ncsa.uiuc.edu [141.142.22.21]) by mail.ncsa.uiuc.edu (8.11.6/8.11.6) with ESMTP id g75KrHV21291 for ; Mon, 5 Aug 2002 15:53:17 -0500 Mime-Version: 1.0 X-Sender: melliott@mail1.ncsa.uiuc.edu Message-Id: In-Reply-To: <30419B1D-A8B3-11D6-B80B-00039300E506@isr.umd.edu> References: <30419B1D-A8B3-11D6-B80B-00039300E506@isr.umd.edu> Date: Mon, 5 Aug 2002 15:53:08 -0500 To: port-darwin@openafs.org From: Matt Elliott Subject: Re: [OpenAFS-port-darwin] Rename MacOS X packages Content-Type: text/plain; charset="us-ascii" Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Ah, A little more digging and a solution. You need to rename the files inside the .pkg wrapper to match the name of the wrapper. So for this last version of OpenAFS I renamed: OpenAFS.pkg -> OpenAFS 1.2.6.pkg And then inside the OpenAFS 1.2.6.pkg/Contents/Resources/: OpenAFS.bom -> OpenAFS 1.2.6.bom OpenAFS.info -> OpenAFS 1.2.6.info OpenAFS.pax.gz -> OpenAFS 1.2.6.pax.gz OpenAFS.post_install -> OpenAFS 1.2.6.post_install OpenAFS.sizes -> OpenAFS 1.2.6.sizes Now the installer works again with the new name. Kind of a pain but at least possible. Thanks for your help Jonathan. At 4:37 PM -0400 8/05/02, Jonathan Z. Simon wrote: > From www.macfixit.com: > >FRI: April 26, 2002 > >Installer pkg files: name change results in open failure > >Dave Paules alerted us to an OS X oddity that we had never noticed >before: If you rename an Installer pkg file, the file will no longer >open after you double-click it. The Installer will launch but the >opening screen of the pkg file does not appear. We are not talking about >removing the pkg extension. Any name change will cause this to happen. >Even using the Open command from the Installer's File menu will not >succeed. Try it. Anyone know what the reason for this is? > >Update: A couple of readers have made the plausible assumption that the >problem is with one of the files inside the package that identifies the >filename and will thus not work with any other name. While something >like this must almost certainly be the case, we have been unable to >determine the exact culprit. It is also surprising, if this explanation >is correct, that every pkg file has this problem, unless the cause is an >attribute that Apple says is required. > >-- >Jonathan Z. Simon >Dept. of Electrical & Computer Engineering/Dept. of Biology >University of Maryland, College Park MD 20742 USA >Office: 1-301-405-3645, Lab: 1-301-405-6581, Fax: 1-301-314-9281 >http://www.isr.umd.edu/Labs/CSSL/ -- Matt Elliott Production Systems Infrastructure 217-265-0257 From jzsimon@isr.umd.edu Mon Aug 5 16:37:41 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from isrmail.isr.umd.edu (isrmail.isr.umd.edu [128.8.111.5]) by grand.central.org (Postfix) with ESMTP id AB3889CBA for ; Mon, 5 Aug 2002 16:37:41 -0400 (EDT) Received: from batman.isr.umd.edu (batman.isr.umd.edu [128.8.140.41]) by isrmail.isr.umd.edu (Mirapoint Messaging Server MOS 3.2.0.52-EA) with ESMTP id AFE02436; Mon, 5 Aug 2002 16:37:41 -0400 (EDT) Date: Mon, 5 Aug 2002 16:37:41 -0400 Subject: Re: [OpenAFS-port-darwin] Rename MacOS X packages Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v482) Cc: port-darwin@openafs.org To: Matt Elliott From: "Jonathan Z. Simon" In-Reply-To: Message-Id: <30419B1D-A8B3-11D6-B80B-00039300E506@isr.umd.edu> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.482) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: From www.macfixit.com: FRI: April 26, 2002 Installer pkg files: name change results in open failure Dave Paules alerted us to an OS X oddity that we had never noticed before: If you rename an Installer pkg file, the file will no longer open after you double-click it. The Installer will launch but the opening screen of the pkg file does not appear. We are not talking about removing the pkg extension. Any name change will cause this to happen. Even using the Open command from the Installer's File menu will not succeed. Try it. Anyone know what the reason for this is? Update: A couple of readers have made the plausible assumption that the problem is with one of the files inside the package that identifies the filename and will thus not work with any other name. While something like this must almost certainly be the case, we have been unable to determine the exact culprit. It is also surprising, if this explanation is correct, that every pkg file has this problem, unless the cause is an attribute that Apple says is required. On Monday, August 5, 2002, at 04:26 PM, Matt Elliott wrote: > I'd like to rename the Mac OS X OpenAFS.pkg files to include the version > number. When I rename the package the install no longer seems to > work. Is > there something in the OpenAFS.pkg that needs to be modified if you > change > the file name of the package? > > > -- > > > Matt Elliott Production Systems Infrastructure > 217-265-0257 > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin > -- Jonathan Z. Simon Dept. of Electrical & Computer Engineering/Dept. of Biology University of Maryland, College Park MD 20742 USA Office: 1-301-405-3645, Lab: 1-301-405-6581, Fax: 1-301-314-9281 http://www.isr.umd.edu/Labs/CSSL/ From Endler@ipp.mpg.de Fri Aug 9 04:21:20 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from post.rzg.mpg.de (post.rzg.mpg.de [130.183.9.21]) by grand.central.org (Postfix) with ESMTP id B9E949C27 for ; Fri, 9 Aug 2002 04:21:19 -0400 (EDT) Received: from [130.183.65.191] (MACendler.ipp.mpg.de [130.183.65.191]) by post.rzg.mpg.de (8.9.2/8.9.2) with ESMTP id KAA146770 for ; Fri, 9 Aug 2002 10:21:18 +0200 Mime-Version: 1.0 X-Sender: endler@mailhost.ipp-hgw.mpg.de Message-Id: Date: Fri, 9 Aug 2002 10:23:39 +0200 To: port-darwin@openafs.org From: Michael Endler Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] access right problem from Finder Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I installed OpenAFS on a MAC OS 10.1.5 system and the access to my afs cell works as expected from the Terminal (either Apple's terminal window or XDarwin), i. e., I have "user" access rights to all my files as from any other Unix system. However, from the Finder or from any program using the graphical interface to open/save files, I have only the access rights of "others" to my files. I didn't find any remark on this in the discussion group. Is this a natural behaviour or is it unusual or am I doing something wrong? Michael. From melliott@ncsa.uiuc.edu Fri Aug 9 11:43:33 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mail.ncsa.uiuc.edu (mail.ncsa.uiuc.edu [141.142.2.28]) by grand.central.org (Postfix) with ESMTP id 87F239C4B for ; Fri, 9 Aug 2002 11:43:33 -0400 (EDT) X-Envelope-From: melliott@ncsa.uiuc.edu X-Envelope-To: port-darwin@openafs.org Received: from [141.142.22.21] (speed.ncsa.uiuc.edu [141.142.22.21]) by mail.ncsa.uiuc.edu (8.11.6/8.11.6) with ESMTP id g79FhXV31125; Fri, 9 Aug 2002 10:43:33 -0500 Mime-Version: 1.0 X-Sender: melliott@mail1.ncsa.uiuc.edu Message-Id: In-Reply-To: References: Date: Fri, 9 Aug 2002 10:43:24 -0500 To: Michael Endler , port-darwin@openafs.org From: Matt Elliott Subject: Re: [OpenAFS-port-darwin] access right problem from Finder Content-Type: text/plain; charset="us-ascii" Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: My guess would be that your user id in MacOS X doesn't match your afs user id. If you change your user id on Mac OS X I suspect your problem will go away. At 10:23 AM +0200 8/09/02, Michael Endler wrote: >I installed OpenAFS on a MAC OS 10.1.5 system and the access to my >afs cell works as expected from the Terminal (either Apple's terminal >window or XDarwin), i. e., I have "user" access rights to all my >files as from any other Unix system. However, from the Finder or from >any program using the graphical interface to open/save files, I have >only the access rights of "others" to my files. > >I didn't find any remark on this in the discussion group. Is this a >natural behaviour or is it unusual or am I doing something wrong? > >Michael. >_______________________________________________ >port-darwin mailing list >port-darwin@openafs.org >https://lists.openafs.org/mailman/listinfo/port-darwin -- Matt Elliott Production Systems Infrastructure 217-265-0257 From cg2v@andrew.cmu.edu Fri Aug 9 11:54:20 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp6.andrew.cmu.edu (SMTP6.andrew.cmu.edu [128.2.10.86]) by grand.central.org (Postfix) with ESMTP id 13D489D07 for ; Fri, 9 Aug 2002 11:54:20 -0400 (EDT) Received: from sphinx.andrew.cmu.edu (SPHINX.andrew.cmu.edu [128.2.121.9]) (user=cg2v mech=KERBEROS_V4 (0 bits)) by smtp6.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g79FsIOA018894 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NOT) for ; Fri, 9 Aug 2002 11:54:19 -0400 Date: Fri, 09 Aug 2002 11:54:18 -0400 From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] access right problem from Finder Message-ID: <9730000.1028908458@sphinx.andrew.cmu.edu> In-Reply-To: References: Originator-Info: login-id=cg2v; server=cyrus.andrew.cmu.edu; token_authority=postmaster@andrew.cmu.edu X-Mailer: Mulberry/2.1.2 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On Friday, August 09, 2002 10:23:39 +0200 Michael Endler wrote: > However, from the Finder or from any program using > the graphical interface to open/save files, I have only the access rights > of "others" to my files. This is expected behavior when your AFS pts id and your Mac OS uid are not the same. The Carbon libraries use information from stat() to make access control decisions that they have no buisiness making in the first place. This has been discussed before. Unless and until apple switches from the stat(2) method to the access(2) method of determining effective permissions, the only workaround is to synchronize uids. From ahltorp@nada.kth.se Fri Aug 9 12:48:25 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from ocho.nada.kth.se (ocho.nada.kth.se [130.237.222.76]) by grand.central.org (Postfix) with ESMTP id EB9349CEC for ; Fri, 9 Aug 2002 12:48:24 -0400 (EDT) Received: (from ahltorp@localhost) by ocho.nada.kth.se (8.9.3+Sun/8.9.3) id SAA17993; Fri, 9 Aug 2002 18:48:20 +0200 (MEST) X-Authentication-Warning: ocho.nada.kth.se: ahltorp set sender to ahltorp@nada.kth.se using -f To: Chaskiel M Grundman Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] access right problem from Finder References: <9730000.1028908458@sphinx.andrew.cmu.edu> From: Magnus Ahltorp Content-Type: text/plain; charset="iso-8859-1" Content-Language: en Date: 09 Aug 2002 18:48:20 +0200 In-Reply-To: Chaskiel M Grundman's message of "Fri, 09 Aug 2002 11:54:18 -0400" Message-ID: Lines: 20 User-Agent: Gnus/5.0807 (Gnus v5.8.7) Emacs/20.7 MIME-Version: 1.0 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: > > However, from the Finder or from any program using > > the graphical interface to open/save files, I have only the access rights > > of "others" to my files. > This is expected behavior when your AFS pts id and your Mac OS uid are > not the same. The Carbon libraries use information from stat() to make > access control decisions that they have no buisiness making in the > first place. > > This has been discussed before. Unless and until apple switches from > the stat(2) method to the access(2) method of determining effective > permissions, the only workaround is to synchronize uids. Apple implementing access(2) is of course the correct solution. In Arla, we have implemented another workaround that fakes the mode bits according to your permissons. Unfortunately, it isn't a complete workaround to synchronize uids, since it won't work for files that you have access to, but don't own. /Magnus From jessicat@jmug.org Thu Aug 15 23:39:24 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from cats.ucsc.edu (cats-mx2.ucsc.edu [128.114.129.35]) by grand.central.org (Postfix) with ESMTP id B835E9C0C for ; Thu, 15 Aug 2002 23:39:23 -0400 (EDT) Received: from p-d0407.resnet.ucsc.edu (p-d0407.resnet.ucsc.edu [169.233.29.151]) by cats.ucsc.edu (8.10.1/8.10.1) with ESMTP id g7G3ctg14896 for ; Thu, 15 Aug 2002 20:38:55 -0700 (PDT) Date: Thu, 15 Aug 2002 20:38:55 -0700 Mime-Version: 1.0 (Apple Message framework v482) Content-Type: text/plain; charset=US-ASCII; format=flowed From: "Andrew W. Hill" To: port-darwin@openafs.org Content-Transfer-Encoding: 7bit Message-Id: X-Mailer: Apple Mail (2.482) X-UCSC-CATS-MailScanner: Found to be clean Subject: [OpenAFS-port-darwin] Newbie Question Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hi, sorry if this is the wrong place to post this... I'm trying to mount my university's AFS files on my Mac. I downloaded the Darwin version from openafs.org, but being somewhat of a UNIX newbie I can't figure out how to install. I didn't see a README or a Makefile anywhere. I tried the online documentation but it didn't seem to say anything about the darwin version anywhere, and I couldn't make heads nor tails of the other docs anyway. TIA Aqua From jackson@CMU.EDU Fri Aug 16 09:59:33 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.andrew.cmu.edu [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id D1A299BE4 for ; Fri, 16 Aug 2002 09:59:32 -0400 (EDT) Received: from saratoga.cc.cmu.edu (SARATOGA.CC.cmu.edu [128.2.6.34]) (user=jackson mech=KERBEROS_V4 (0 bits)) by smtp5.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g7GDxTYi007580; Fri, 16 Aug 2002 09:59:30 -0400 Date: Fri, 16 Aug 2002 09:59:29 -0400 From: Joseph Jackson To: "Andrew W. Hill" , port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] Newbie Question Message-ID: <5258502.1029491969@saratoga.cc.cmu.edu> In-Reply-To: References: Originator-Info: login-token=Mulberry:01nEmZJAaq/I/hoxZ40aYXoixzEE3ydf2l9f+2DlLTmB0=; token_authority=postmaster@andrew.cmu.edu X-Mailer: Mulberry/2.2.1 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: After running the OpenAFS installer package, you need to put your local AFS cell name in the file "/var/db/openafs/etc/ThisCell". Here's one way to do that: Log in as an administrator, if you're not already Open a Terminal window Type the command "sudo -s" Enter the password for the admin account Type the command "echo cats.ucsc.edu > /var/db/openafs/etc/ThisCell" If "cats.ucsc.edu" isn't your cell name, correct that as necessary. After rebooting, OpenAFS should be running. In a Terminal window, you can run the command "mount" to verify that you see this line: AFS on /Network/afs That should get you started. Joe Jackson, Carnegie Mellon University. From akosut@Stanford.EDU Fri Aug 16 15:37:05 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from saga20.Stanford.EDU (saga20.Stanford.EDU [171.64.15.150]) by grand.central.org (Postfix) with ESMTP id 2CCE39C50 for ; Fri, 16 Aug 2002 15:37:05 -0400 (EDT) Received: (from akosut@localhost) by saga20.Stanford.EDU (8.11.6/8.11.6) id g7GJb4w19347 for port-darwin@openafs.org; Fri, 16 Aug 2002 12:37:04 -0700 (PDT) Date: Fri, 16 Aug 2002 12:37:04 -0700 From: Alexei Kosut To: port-darwin@openafs.org Message-ID: <20020816193704.GA19195@stanford.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i Subject: [OpenAFS-port-darwin] Kernel panics with OpenAFS and Mac OS X 10.2 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Has anyone else experienced kernel panics using the current version of OpenAFS with Mac OS X 10.2? I am able to get OpenAFS 1.2.6 running with only a few small tweaks to the rc script, and for the most part it seems to work fine, except when I work with directories that have a lot of files or subdirectories (which, annoyingly, includes my home directory). For example, the following reliably crashes my iMac (no AFS token is required): > cd /afs/ir.stanford.edu/users/a/k/akosut > \ls > cat public/hello.txt Immediately after displaying the file, I get a kernel panic with the message "ubc_rele: ui_refcount". My guess is that listing a large enough directory causes something to be disrupted such that a file being closed can trigger the panic. Has anyone experienced this, or have any suggestions for how to fix it? My Darwin kernel experience is, unfortunately, not significant enough to be able to solve this problem. -- Alexei Kosut From cg2v@andrew.cmu.edu Fri Aug 16 16:11:41 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.andrew.cmu.edu [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id BC3179C46 for ; Fri, 16 Aug 2002 16:11:41 -0400 (EDT) Received: from sphinx.andrew.cmu.edu (SPHINX.andrew.cmu.edu [128.2.121.9]) (user=cg2v mech=GSSAPI (0 bits)) by smtp5.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g7GKBdYj025841 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NOT) for ; Fri, 16 Aug 2002 16:11:40 -0400 Date: Fri, 16 Aug 2002 16:11:40 -0400 From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] Kernel panics with OpenAFS and Mac OS X 10.2 Message-ID: <123940000.1029528700@sphinx.andrew.cmu.edu> In-Reply-To: <20020816193704.GA19195@stanford.edu> References: <20020816193704.GA19195@stanford.edu> Originator-Info: login-id=cg2v; server=cyrus.andrew.cmu.edu; token_authority=postmaster@andrew.cmu.edu X-Mailer: Mulberry/2.1.2 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On Friday, August 16, 2002 12:37:04 -0700 Alexei Kosut wrote: > Immediately after displaying the file, I get a kernel panic with the > message "ubc_rele: ui_refcount". My guess is that listing a large > enough directory causes something to be disrupted such that a file > being closed can trigger the panic. We've seen this too, and I've been working on it a bit (but mac stuff isn't high-priority for me), but I have not figured out what changed that's causing it, or what afs is doing incorrectly. It does *not* seem to be related to directory access, but to a problem relating to the initialization of ubc when plain files are opened. From bil_hays@unc.edu Fri Aug 16 20:32:51 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from c003.snv.cp.net (h000.c003.snv.cp.net [209.228.32.214]) by grand.central.org (Postfix) with SMTP id EB1DD9C4F for ; Fri, 16 Aug 2002 20:32:50 -0400 (EDT) Received: (cpmta 14123 invoked from network); 16 Aug 2002 17:32:49 -0700 Received: from 64.34.84.49 (HELO dsl-64-34-84-49.telocity.com) by smtp.telocity.com (209.228.32.214) with SMTP; 16 Aug 2002 17:32:49 -0700 X-Sent: 17 Aug 2002 00:32:49 GMT Date: Fri, 16 Aug 2002 20:32:49 -0400 From: bil To: port-darwin@openafs.org Message-ID: <5591712.1029529969@dsl-64-34-84-49.telocity.com> In-Reply-To: <20020816160105.BAA449CA4@grand.central.org> References: <20020816160105.BAA449CA4@grand.central.org> X-Mailer: Mulberry/2.1.1 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #46 - 2 msgs Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: This might help (step 4 is optional even at unc, it's just to have your home dir locally map to your afs space). http://www.unc.edu/atn/dci/dci_components/afs/install/afs-macosX.html --On Friday, August 16, 2002 12:01 PM -0400 port-darwin-request@openafs.org wrote: > Send port-darwin mailing list submissions to > port-darwin@openafs.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.openafs.org/mailman/listinfo/port-darwin > or, via email, send a message with subject or body 'help' to > port-darwin-request@openafs.org > > You can reach the person managing the list at > port-darwin-admin@openafs.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of port-darwin digest..." > > > Today's Topics: > > 1. Newbie Question (Andrew W. Hill) > 2. Re: Newbie Question (Joseph Jackson) > > --__--__-- > > Message: 1 > Date: Thu, 15 Aug 2002 20:38:55 -0700 > From: "Andrew W. Hill" > To: port-darwin@openafs.org > Subject: [OpenAFS-port-darwin] Newbie Question > > Hi, sorry if this is the wrong place to post this... > > I'm trying to mount my university's AFS files on my Mac. I downloaded > the Darwin version from openafs.org, but being somewhat of a UNIX newbie > I can't figure out how to install. I didn't see a README or a Makefile > anywhere. I tried the online documentation but it didn't seem to say > anything about the darwin version anywhere, and I couldn't make heads > nor tails of the other docs anyway. > > TIA > Aqua > > > --__--__-- > > Message: 2 > Date: Fri, 16 Aug 2002 09:59:29 -0400 > From: Joseph Jackson > To: "Andrew W. Hill" , port-darwin@openafs.org > Subject: Re: [OpenAFS-port-darwin] Newbie Question > > After running the OpenAFS installer package, you need to put your local > AFS cell name in the file "/var/db/openafs/etc/ThisCell". Here's one way > to do that: > > Log in as an administrator, if you're not already > Open a Terminal window > Type the command "sudo -s" > Enter the password for the admin account > Type the command "echo cats.ucsc.edu > > /var/db/openafs/etc/ThisCell" > > If "cats.ucsc.edu" isn't your cell name, correct that as necessary. > > After rebooting, OpenAFS should be running. In a Terminal window, you can > run the command "mount" to verify that you see this line: > AFS on /Network/afs > > That should get you started. > > Joe Jackson, > Carnegie Mellon University. > > > > --__--__-- > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin > > > End of port-darwin Digest From valerio@cns.nyu.edu Wed Aug 21 13:28:28 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from calaf.cns.nyu.edu (CALAF.CNS.NYU.EDU [128.122.112.26]) by grand.central.org (Postfix) with ESMTP id 4F8DA9C09 for ; Wed, 21 Aug 2002 13:28:28 -0400 (EDT) Received: from cns.nyu.edu (babette.cns.nyu.edu [128.122.112.24]) by calaf.cns.nyu.edu (8.9.1b+Sun/8.9.1) with ESMTP id NAA16282 for ; Wed, 21 Aug 2002 13:28:23 -0400 (EDT) Message-ID: <3D63CD74.9010908@cns.nyu.edu> Date: Wed, 21 Aug 2002 13:27:16 -0400 From: Valerio Luccio User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.4.1) Gecko/20020508 Netscape6/6.2.3 X-Accept-Language: en-us MIME-Version: 1.0 To: port-darwin@openafs.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: [OpenAFS-port-darwin] Server on MAC Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hi, I'm new to AFS and to Mac. I'm trying to install an AFS server on a Mac OS X and I'm stumped. Unfortunately in the AFS docs there are no instructions for Mac so I'm trying to see if I can "adapt" the instructions from other OSs, but I haven't been too successfull. My first question is: how do I tell the bossever which is the AFS partition I want to "export" ? Under linux the AFS partitions are named /vicepxx, but under the Mac the partitions are created by default under /Volumes. Should the AFS partition be /Volumes/vicepxx ? Next problem. I tried to use the "bos setcellname" command, but I get the message "could not find entry (can't find cell '' in cell databse). What does it mean ? Also should the server name and cell name be the full name of my machine (e.g., "goofy.cns.nyu.edu") ? Thanks, -- Valerio Luccio Center For Neural Science New York University "In an open world, who needs windows or gates?" From jzsimon@eng.umd.edu Thu Aug 22 18:13:15 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from isrmail.isr.umd.edu (isrmail.isr.umd.edu [128.8.111.5]) by grand.central.org (Postfix) with ESMTP id B0A769C22 for ; Thu, 22 Aug 2002 18:13:14 -0400 (EDT) Received: from batman.isr.umd.edu (batman.isr.umd.edu [128.8.140.41]) by isrmail.isr.umd.edu (Mirapoint Messaging Server MOS 3.2.0-GA) with ESMTP id AFM01760; Thu, 22 Aug 2002 18:13:14 -0400 (EDT) Date: Thu, 22 Aug 2002 18:13:13 -0400 Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v482) From: "Jonathan Z. Simon" To: port-darwin@openafs.org Content-Transfer-Encoding: 7bit In-Reply-To: <5591712.1029529969@dsl-64-34-84-49.telocity.com> Message-Id: <59EB8714-B61C-11D6-992D-00039300E506@eng.umd.edu> X-Mailer: Apple Mail (2.482) Subject: [OpenAFS-port-darwin] klog/klist errors Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I'm hoping this is an error somebody's seen before. I'd be happy to provide more detailed information either way. I followed the suggestions from http://www.unc.edu/atn/dci/dci_components/afs/install/afs-macosX.html (with the appropriate changes to use glue.umd.edu instead of unc.edu cells) on my G4 Tower (10.1.5) and it worked beautifully: I can edit files, save changes, etc. in my "glue" home directory. I repeated those steps on my G4 Powerbook (10.1.5). Afs works but I can't get a kerberos ticket. Specifically, I have have read access to any afs directory which has read permission for anyuser, but 'klist' just hangs, and 'klog' gives the error: ----- dyld: klog multiple definitions of symbol _xdr_opaque klog definition of _xdr_opaque /usr/lib/libSystem.B.dylib(xdr.o) definition of _xdr_opaque ----- Does this ring any bells? Jonathan -- Jonathan Z. Simon Dept. of Electrical & Computer Engineering/Dept. of Biology University of Maryland, College Park MD 20742 USA http://www.isr.umd.edu/Labs/CSSL/ From ssen@MIT.EDU Thu Aug 22 18:23:25 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76]) by grand.central.org (Postfix) with ESMTP id 9758A9C3A for ; Thu, 22 Aug 2002 18:23:25 -0400 (EDT) Received: from grand-central-station.mit.edu (GRAND-CENTRAL-STATION.MIT.EDU [18.7.21.82]) by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id SAA03888; Thu, 22 Aug 2002 18:23:25 -0400 (EDT) Received: from melbourne-city-street.mit.edu (MELBOURNE-CITY-STREET.MIT.EDU [18.7.21.86]) by grand-central-station.mit.edu (8.9.2/8.9.2) with ESMTP id SAA12910; Thu, 22 Aug 2002 18:23:24 -0400 (EDT) Received: from ssen.local. (ip68-0-214-50.ri.ri.cox.net [68.0.214.50]) by melbourne-city-street.mit.edu (8.9.2/8.9.2) with ESMTP id SAA10411; Thu, 22 Aug 2002 18:23:23 -0400 (EDT) Date: Thu, 22 Aug 2002 18:23:20 -0400 Subject: Re: [OpenAFS-port-darwin] klog/klist errors Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v543) Cc: port-darwin@openafs.org To: "Jonathan Z. Simon" From: Shantonu Sen In-Reply-To: <59EB8714-B61C-11D6-992D-00039300E506@eng.umd.edu> Message-Id: Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.543) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: You don't have DYLD_FORCE_FLAT_NAMESPACE set in any dot files on the powerbook, do you? What is the output of "printenv" Shantonu On Thursday, August 22, 2002, at 06:13 PM, Jonathan Z. Simon wrote: > I'm hoping this is an error somebody's seen before. I'd be happy to > provide more detailed information either way. > > I followed the suggestions from > http://www.unc.edu/atn/dci/dci_components/afs/install/afs-macosX.html > (with the appropriate changes to use glue.umd.edu instead of unc.edu > cells) on my G4 Tower (10.1.5) and it worked beautifully: I can edit > files, save changes, etc. in my "glue" home directory. > > I repeated those steps on my G4 Powerbook (10.1.5). Afs works but I > can't get a kerberos ticket. Specifically, I have have read access to > any afs directory which has read permission for anyuser, but 'klist' > just hangs, and 'klog' gives the error: > ----- > dyld: klog multiple definitions of symbol _xdr_opaque > klog definition of _xdr_opaque > /usr/lib/libSystem.B.dylib(xdr.o) definition of _xdr_opaque > ----- > > Does this ring any bells? > > Jonathan > > -- > Jonathan Z. Simon > Dept. of Electrical & Computer Engineering/Dept. of Biology > University of Maryland, College Park MD 20742 USA > http://www.isr.umd.edu/Labs/CSSL/ > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin From jzsimon@eng.umd.edu Fri Aug 23 08:47:28 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from isrmail.isr.umd.edu (isrmail.isr.umd.edu [128.8.111.5]) by grand.central.org (Postfix) with ESMTP id 410D59C2A for ; Fri, 23 Aug 2002 08:47:28 -0400 (EDT) Received: from batman.isr.umd.edu (batman.isr.umd.edu [128.8.140.41]) by isrmail.isr.umd.edu (Mirapoint Messaging Server MOS 3.2.0-GA) with ESMTP id AFN00117; Fri, 23 Aug 2002 08:47:11 -0400 (EDT) Date: Fri, 23 Aug 2002 08:47:10 -0400 Subject: Re: [OpenAFS-port-darwin] klog/klist errors Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v482) Cc: port-darwin@openafs.org To: Shantonu Sen From: "Jonathan Z. Simon" In-Reply-To: Message-Id: <70AFA22A-B696-11D6-916E-00039300E506@eng.umd.edu> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.482) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Shantonu, Yes I do. :( > printenv ... DYLD_INSERT_LIBRARIES=/sw/lib/xpg4/libxpg4.dylib DYLD_FORCE_FLAT_NAMESPACE=1 ... They are set by fink's libxpg4 package. I will try removing that package... Now klog works! Thank you thank you. Jonathan On Thursday, August 22, 2002, at 06:23 PM, Shantonu Sen wrote: > You don't have DYLD_FORCE_FLAT_NAMESPACE set in any dot files on the > powerbook, do you? What is the output of "printenv" > > Shantonu > > On Thursday, August 22, 2002, at 06:13 PM, Jonathan Z. Simon wrote: > >> I'm hoping this is an error somebody's seen before. I'd be happy to >> provide more detailed information either way. >> >> I followed the suggestions from >> http://www.unc.edu/atn/dci/dci_components/afs/install/afs-macosX.html >> (with the appropriate changes to use glue.umd.edu instead of unc.edu >> cells) on my G4 Tower (10.1.5) and it worked beautifully: I can edit >> files, save changes, etc. in my "glue" home directory. >> >> I repeated those steps on my G4 Powerbook (10.1.5). Afs works but I >> can't get a kerberos ticket. Specifically, I have have read access to >> any afs directory which has read permission for anyuser, but 'klist' >> just hangs, and 'klog' gives the error: >> ----- >> dyld: klog multiple definitions of symbol _xdr_opaque >> klog definition of _xdr_opaque >> /usr/lib/libSystem.B.dylib(xdr.o) definition of _xdr_opaque >> ----- >> >> Does this ring any bells? >> >> Jonathan > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin > -- Jonathan Z. Simon Dept. of Electrical & Computer Engineering/Dept. of Biology University of Maryland, College Park MD 20742 USA Office: 1-301-405-3645, Lab: 1-301-405-6581, Fax: 1-301-314-9281 http://www.isr.umd.edu/Labs/CSSL/ From jzsimon@eng.umd.edu Mon Aug 26 11:43:45 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from isrmail.isr.umd.edu (isrmail.isr.umd.edu [128.8.111.5]) by grand.central.org (Postfix) with ESMTP id 6EBDC9BE4 for ; Mon, 26 Aug 2002 11:43:45 -0400 (EDT) Received: from batman.isr.umd.edu (batman.isr.umd.edu [128.8.140.41]) by isrmail.isr.umd.edu (Mirapoint Messaging Server MOS 3.2.0-GA) with ESMTP id AFN08485; Mon, 26 Aug 2002 11:43:28 -0400 (EDT) Date: Mon, 26 Aug 2002 11:43:28 -0400 Subject: Re: [OpenAFS-port-darwin] Re: Newbie Question Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v482) Cc: bil To: port-darwin@openafs.org From: "Jonathan Z. Simon" In-Reply-To: <5591712.1029529969@dsl-64-34-84-49.telocity.com> Message-Id: <90EFE6C6-B90A-11D6-BD78-00039300E506@eng.umd.edu> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.482) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I found the UNC guide extremely helpful in getting openafs up and running. I wrote a csh script that automates some of the steps in the UNC guide below. It changes the uid of a user via NetInfo (actually niutils) and it uses find to update the necessary file uids. [It does not require a root account (I prefer to do everything via sudo), it does a moderate amount of error checking (does the user exist? is the new uid already in use? are you trying to change the account from which you are working from? etc.), and it echoes an example of how to change files on non-root partitions.] I've put it at http://www.isr.umd.edu/~jzsimon/afs/changeUpdateUID and I hope it's useful for someone out there (comments are welcome). Finally, Bil, I have one important comment about your afs-macosX help page: The line cp -pR /Users//* /Users/ is very dangerous on a typical Mac OS X account, because it will mangle files that have resource forks (including any alias files) by ignoring the resource fork completely. You should strongly consider using "CpMac -r -p" or "ditto -rsrc" instead. Unfortunately neither of of these options is a drop-in replacement for cp. CpMac doesn't maintain creation & modification dates (it maintains permissions whenever I use it, but there are claims on the web that it doesn't always do that). ditto is much more intelligent, but it will merger directories rather than just copy them, so it requires an extra step of removing any files that are already present. For a good discussion see http://www.macdevcenter.com/pub/a/mac/2002/07/02/terminal_5.html Jonathan On Friday, August 16, 2002, at 08:32 PM, bil wrote: > This might help (step 4 is optional even at unc, it's just to have your > home dir locally map to your afs space). > > http://www.unc.edu/atn/dci/dci_components/afs/install/afs-macosX.html > -- Jonathan Z. Simon Dept. of Electrical & Computer Engineering/Dept. of Biology University of Maryland, College Park MD 20742 USA Office: 1-301-405-3645, Lab: 1-301-405-6581, Fax: 1-301-314-9281 http://www.isr.umd.edu/Labs/CSSL/ From bbiswas@email.unc.edu Fri Sep 6 15:43:58 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.unc.edu (smtpsrv12.isis.unc.edu [152.2.1.243]) by grand.central.org (Postfix) with ESMTP id DDA729C29 for ; Fri, 6 Sep 2002 15:43:57 -0400 (EDT) Received: from truelove.oit.unc.edu (truelove.oit.unc.edu [152.2.22.158]) by smtp.unc.edu (8.12.2/8.12.2) with ESMTP id g86Jh57W003304 for ; Fri, 6 Sep 2002 15:43:06 -0400 (EDT) Date: Fri, 06 Sep 2002 15:43:06 -0400 From: Brian Biswas To: port-darwin@openafs.org Message-ID: <11709490.1031326986@truelove.oit.unc.edu> X-Mailer: Mulberry/2.2.0 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: [OpenAFS-port-darwin] Mac 10.2 port? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Does anyone know when an openafs port to 10.2 will be available? Is anything out there for testing? --Brian Biswas From ragge@nada.kth.se Tue Sep 17 00:15:30 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp0.nada.kth.se (smtp0.nada.kth.se [130.237.222.202]) by grand.central.org (Postfix) with ESMTP id 07E5C9C01 for ; Tue, 17 Sep 2002 00:15:30 -0400 (EDT) X-Authentication-Info: Sender authentication was Received: from [10.0.1.41] (h71n2fls31o827.telia.com [213.66.180.71]) (authenticated bits=0) by smtp0.nada.kth.se (8.12.1/8.12.1) with ESMTP id g8H4FSXq007720 for ; Tue, 17 Sep 2002 06:15:28 +0200 (MEST) Date: Tue, 17 Sep 2002 06:15:04 +0200 From: Ragnar Sundblad To: port-darwin@openafs.org Message-ID: <615222983.1032243304@[10.0.1.41]> X-Mailer: Mulberry/2.2.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: We have home directories in afs and therefore need to have tokens set up at login time before the dock, finder and friends start. For Mac OS < 10.2 we have used an NeXT style loginwindow authenticator, but those hooks are ripped out in 10.2. We are now instead using the apple (mit) kerberos for authentication, but it doesn't know anything about afs tokens (sadly :-). There are several places to plug in now, but none of them seems really fit for this. In addition, the apis are either explicitely private or seems to be in flux. I have written a plugin to the kerberos ticket cache that gets notified when there are certain changes to the cache, I guess when the TGTs are installed or replaced or something like that. It seems to do the work, but is kind of ugly, in several ways: - Due to problems with the krbafs lib and the apple kerberos I had to fall back to heimdal with a cache handler that reads from apple's cache. The plugin is now 1,5MB, statically linked to avoid soaking in apple kerberos which it otherwise is very keen on. - Due to how the processes are set up and what gets run how and when and from where I have to use per uid tokens instead of per process group tokens (we did that before too but still not what one would like.) - The only time I can get at the tickets the plugin is runs as root with no information on what user this is all about, so I have to the lift out the username from the credentials caches' principal and setuid to that user to install the tokens. I am not sure if this could be a problem, securitywise or otherwise. There are some other possibilities: - Set up a real per-process-group pag from loginwindow or something somehow, and use that to avoid setuiding and do other ugly stuff. I am not sure how loginwindow and WindowServer do their things, though, I think loginwindow starts WindowServer when it needs to, but they seem to live together in some symbiotic way, and both have 1 as parent pid. Maybe a wrapped loginwindow called from init (/etc/ttys) could set up a pag. - Maybe one could write a authorization plugin that does what we want, put those apis are private, at least for now. - Since darwin/Mac OS X actually has some kind of environment that does more or less what the pretty ugly afs pag things does, one maybe could use that instead. There is some per-session mach port world, and I guess the SecurityServer tries to do something similar but maybe more secure or something. I am not very initiated in how any of those systems really work. I am not sure it would help very much either, more than perhaps to connect the user session with the SecurityAgent which otherwise live in completely different worlds (process trees). Also, we currently don't have anything renewing renawable tickets and getting new afs tokens every now and then. We had a separate app for that in pre 10.2, it could problably be ported pretty easily, but should maybe be thought over again. At loginhook time there is no ticket cache available anywhere. That might change when apple continues to develop the authorization things, and if so things could maybe, just maybe be a little easier. We still need a way to renew tokens, though. How are everybody else doing console login time afslog-ing with Mac OS X 10.2? /ragge From dwb7@ccmr.cornell.edu Tue Sep 17 23:59:52 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id 17F2C9BDE for ; Tue, 17 Sep 2002 23:59:52 -0400 (EDT) Received: from domino.ccmr.cornell.edu (domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id XAA10794 for ; Tue, 17 Sep 2002 23:59:51 -0400 Received: (from dwb7@localhost) by domino.ccmr.cornell.edu (8.12.3/8.12.3) id g8I3xpKR031859 for port-darwin@openafs.org; Tue, 17 Sep 2002 23:59:51 -0400 X-Authentication-Warning: domino.ccmr.cornell.edu: dwb7 set sender to dwb7@ccmr.cornell.edu using -f Date: Tue, 17 Sep 2002 23:59:51 -0400 From: David Botsch To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] Mac 10.2 port? Message-ID: <20020917235951.A31855@ccmr.cornell.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Has anyone tried pam yet (the new auth for OS X.2)? After some fooling, I just about have it compiling the pam modules for Jaguar. Once I test those, I'll post the results here. If it works like the linux modules, it should do what you want. For 10.1, we had a nice kludge . . kerbeors login authenticator followed by auto execution of aklog which took the obtained tgt and was able to use it to get an afs token. Heh, it would be interesting to build openssh under darwin to do token passing. -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From akosut@Stanford.EDU Mon Sep 30 16:13:58 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from saga13.Stanford.EDU (saga13.Stanford.EDU [171.64.15.143]) by grand.central.org (Postfix) with ESMTP id B15449D73 for ; Mon, 30 Sep 2002 16:13:57 -0400 (EDT) Received: (from akosut@localhost) by saga13.Stanford.EDU (8.11.6/8.11.6) id g8UKDiR17870; Mon, 30 Sep 2002 13:13:44 -0700 (PDT) Date: Mon, 30 Sep 2002 13:13:44 -0700 From: Alexei Kosut To: Ragnar Sundblad Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20020930201344.GA16624@stanford.edu> References: <615222983.1032243304@[10.0.1.41]> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <615222983.1032243304@[10.0.1.41]> User-Agent: Mutt/1.4i Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: On Tue, Sep 17, 2002 at 06:15:04AM +0200, Ragnar Sundblad wrote: > How are everybody else doing console login time afslog-ing > with Mac OS X 10.2? I've been working on this the past few days, and I ended up with a solution that sounds fairly similar to yours. I wrote a login and logout plugin for the Kerberos Login Library that gets called whenever Kerberos credentials are obtained, including loginwindow authentication. It obtains an AFS token on each Kerberos login, and destroy the AFS token on each (explicit) Kerberos logout. I ran into some of the same problems you did with loginwindow authentication, namely that SecurityAgent initializes the credentials cache as root, so setting AFS tokens at that point gets to be a bit of hack. But it seems to work pretty well, although I haven't done a huge amount of testing. A snapshot of the code I'm currently using is available at -- Alexei Kosut From dwb7@ccmr.cornell.edu Mon Sep 30 16:23:03 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id 18CC09D64 for ; Mon, 30 Sep 2002 16:23:03 -0400 (EDT) Received: from domino (RedFyre@domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id QAA01133 for ; Mon, 30 Sep 2002 16:23:01 -0400 Date: Mon, 30 Sep 2002 16:23:01 -0400 From: David Botsch To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20020930202301.GG18540@domino.ccmr.cornell.edu> References: <615222983.1032243304@[10.0.1.41]> <20020930201344.GA16624@stanford.edu> Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=ISO-8859-1 Content-Disposition: inline In-Reply-To: <20020930201344.GA16624@stanford.edu>; from akosut@stanford.edu on Mon, Sep 30, 2002 at 16:13:44 -0400 X-Mailer: Balsa 1.4.1 Lines: 48 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Well, I'm just using pam for text console logins (as well as sshd). After some struggling, the 1.2.7 release of OpenAFS pam module compiled. What I have failed to get working, however, is the loginwindow auth via pam. I've been looking at the /etc/authorization file, but have not yet completely decipehred it. If pam could be gotten working, this would seem to be the proper way to do it since who knows if the loginwinow authenticator will change again with 10.somethingnewer. On 2002.09.30 16:13 Alexei Kosut wrote: > On Tue, Sep 17, 2002 at 06:15:04AM +0200, Ragnar Sundblad wrote: > > How are everybody else doing console login time afslog-ing > > with Mac OS X 10.2? > > I've been working on this the past few days, and I ended up with a > solution that sounds fairly similar to yours. I wrote a login and > logout plugin for the Kerberos Login Library that gets called whenever > Kerberos credentials are obtained, including loginwindow > authentication. It obtains an AFS token on each Kerberos login, and > destroy the AFS token on each (explicit) Kerberos logout. > > I ran into some of the same problems you did with loginwindow > authentication, namely that SecurityAgent initializes the credentials > cache as root, so setting AFS tokens at that point gets to be a bit of > hack. But it seems to work pretty well, although I haven't done a > huge amount of testing. > > A snapshot of the code I'm currently using is available at > > > -- > Alexei Kosut > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin > -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From akosut@Stanford.EDU Mon Sep 30 16:58:48 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from saga13.Stanford.EDU (saga13.Stanford.EDU [171.64.15.143]) by grand.central.org (Postfix) with ESMTP id E7A299C47 for ; Mon, 30 Sep 2002 16:58:47 -0400 (EDT) Received: (from akosut@localhost) by saga13.Stanford.EDU (8.11.6/8.11.6) id g8UKwfd19144; Mon, 30 Sep 2002 13:58:41 -0700 (PDT) Date: Mon, 30 Sep 2002 13:58:41 -0700 From: Alexei Kosut To: David Botsch Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20020930205840.GA18894@stanford.edu> References: <615222983.1032243304@[10.0.1.41]> <20020930201344.GA16624@stanford.edu> <20020930202301.GG18540@domino.ccmr.cornell.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020930202301.GG18540@domino.ccmr.cornell.edu> User-Agent: Mutt/1.4i Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: On Mon, Sep 30, 2002 at 04:23:01PM -0400, David Botsch wrote: > What I have failed to get working, however, is the loginwindow auth via > pam. I'm not sure that this is possible. It's possible to do SecurityAgent authentication from PAM-enabled programs (with pam_securityserver.so), but I've found no indication that there's a way to do the reverse. Certainly none of the usual suspects (loginwindow, SecurityServer, SecurityAgent, etc...) link against the PAM libraries. I think that loginwindow authentication is pluggable only with Security Agent plugins. I suppose you could write such a plugin that did PAM, but the API here looks even harder to reverse-engineer than most private Apple APIs (it appears to be C++). -- Alexei Kosut From dwb7@ccmr.cornell.edu Mon Sep 30 17:07:19 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id 90D8E9D72 for ; Mon, 30 Sep 2002 17:07:19 -0400 (EDT) Received: from domino (RedFyre@domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id RAA02103 for ; Mon, 30 Sep 2002 17:07:14 -0400 Date: Mon, 30 Sep 2002 17:07:13 -0400 From: David Botsch To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20020930210713.GI18540@domino.ccmr.cornell.edu> References: <615222983.1032243304@[10.0.1.41]> <20020930201344.GA16624@stanford.edu> <20020930202301.GG18540@domino.ccmr.cornell.edu> <20020930205840.GA18894@stanford.edu> Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=ISO-8859-1 Content-Disposition: inline In-Reply-To: <20020930205840.GA18894@stanford.edu>; from akosut@Stanford.EDU on Mon, Sep 30, 2002 at 16:58:41 -0400 X-Mailer: Balsa 1.4.1 Lines: 45 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: If true, it makes you wonder what the point of having pam is ... just to make things like sshd happy? Maybe I misunderstood what Apple was saying about including pam and about replacing the apis in place with the login authenticators in 10.1 (but I'm not the only one with the impression that loginwindow would use pam, allowing us to just plugin whatever type of auth we needed). Is this type of authentication .. pam to security server .. why we have a "system.login.pam" key in /etc/authorization ? The next obvious question would be, then, what about replacing the loginwindow with something like gdm, that works with pam, but having it still start the normal OS X GUI isntead of XWindows? On 2002.09.30 16:58 Alexei Kosut wrote: > On Mon, Sep 30, 2002 at 04:23:01PM -0400, David Botsch wrote: > > What I have failed to get working, however, is the loginwindow auth > via > > pam. > > I'm not sure that this is possible. It's possible to do SecurityAgent > authentication from PAM-enabled programs (with pam_securityserver.so), > but I've found no indication that there's a way to do the reverse. > Certainly none of the usual suspects (loginwindow, SecurityServer, > SecurityAgent, etc...) link against the PAM libraries. > > I think that loginwindow authentication is pluggable only with > Security Agent plugins. I suppose you could write such a plugin that > did PAM, but the API here looks even harder to reverse-engineer than > most private Apple APIs (it appears to be C++). > > -- > Alexei Kosut > > -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From arosenbl@mac.com Thu Oct 3 20:11:11 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtpout.mac.com (smtpout.mac.com [204.179.120.87]) by grand.central.org (Postfix) with ESMTP id 876759D69 for ; Thu, 3 Oct 2002 20:11:10 -0400 (EDT) Received: from asmtp02.mac.com (asmtp02-qfe3 [10.13.10.66]) by smtpout.mac.com (Xserve/MantshX 2.0) with ESMTP id g940AnaS001315 for ; Thu, 3 Oct 2002 17:10:50 -0700 (PDT) Received: from mac.com ([166.90.245.14]) by asmtp02.mac.com (Netscape Messaging Server 4.15) with ESMTP id H3FKIK00.3MM for ; Thu, 3 Oct 2002 17:11:08 -0700 Date: Thu, 3 Oct 2002 20:11:07 -0400 Mime-Version: 1.0 (Apple Message framework v546) Content-Type: text/plain; charset=US-ASCII; format=flowed From: Aaron Rosenblum To: port-darwin@openafs.org Content-Transfer-Encoding: 7bit Message-Id: X-Mailer: Apple Mail (2.546) Subject: [OpenAFS-port-darwin] 1.2.7 and Jaguar 10.2.1 Questions Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hey all, I just installed OpenAFS 10.2.1 on Jaguar 10.2.1 from the pkg installer. Everything seems to be working fine. I noticed a few differences between this version and the other OpenAFS version that I have installed in the past. First, in addition to 'CellServDB' there also exists both CellServDB.master and CellServDB.master.last. Can anyone tell me the significance of these files? Do I need to do something with them if I want to replace the default CellServDB with one that contains more of our local cells? Also, I noticed the absence of the aklog program. I downloaded the binary from http://web.mit.edu/openafs/ and put it in /Library/OpenAFS/Tools/bin/ . Running the aklog command gives me this output: aklog: Couldn't get umich.edu AFS tickets: Don't have Kerberos ticket-granting ticket but klist gives me this output (I have my machine to get tickets upon login): Kerberos 5 ticket cache: 'API:Initial default ccache' Default Principal: arosenbl@UMICH.EDU Valid Starting Expires Service Principal 10/03/02 19:47:26 10/04/02 05:47:10 krbtgt/UMICH.EDU@UMICH.EDU 10/03/02 19:49:52 10/04/02 05:47:10 imap/tremors.imap.itd.umich.edu@UMICH.EDU Kerberos 4 ticket cache: 'Initial default ccache' Default Principal: arosenbl@UMICH.EDU Issued Expires Service Principal 10/03/02 19:47:26 10/04/02 05:47:26 krbtgt.UMICH.EDU@UMICH.EDU I know aklog works with KfM and my site, I have used it with arla in the past. Any help would be appreciated. Thanks Aaron From cg2v@andrew.cmu.edu Thu Oct 3 21:18:12 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.andrew.cmu.edu [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id CE7379DAD for ; Thu, 3 Oct 2002 21:18:11 -0400 (EDT) Received: from endicott (dhcp-7-60.dsl.telerama.com [205.201.7.60]) (user=cg2v mech=KERBEROS_V4 (0 bits)) by smtp5.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g941I97s025619 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NOT) for ; Thu, 3 Oct 2002 21:18:10 -0400 Date: Thu, 03 Oct 2002 21:18:11 -0400 From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] 1.2.7 and Jaguar 10.2.1 Questions Message-ID: <108690000.1033694291@endicott> In-Reply-To: References: Originator-Info: login-id=cg2v; server=cyrus.andrew.cmu.edu; token_authority=postmaster@andrew.cmu.edu X-Mailer: Mulberry/2.1.2 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On Thursday, October 03, 2002 20:11:07 -0400 Aaron Rosenblum wrote: > past. First, in addition to 'CellServDB' there also exists both > CellServDB.master and CellServDB.master.last. Can anyone tell me the > significance of these files? Previous openafs packages included a CellServDB that would always be installed. Some people objected to this, and requested that local changes to CellServDB be preserved. The extra CellServDB files exist so that the scripts can properly merge user CellServDB updates and updates included in future revisions of the package. You don't need to do anything with the extra files. You should really leave them alone if at all possible. if you want to add local cells, just insert them into the normal CellServDB. > Also, I noticed the absence of the aklog program. I Openafs packages for macos have never included an aklog binary. Your aklog error sounds like a problem determining the correct kerberos realm to get tickets from, which usually indicates an incomplete krb.realms file (or [domain_realm] section in krb5.conf aka /Library/Preferences/edu.mit.Kerberos Try aklog umich.edu -k UMICH.EDU From jackson@CMU.EDU Fri Oct 4 15:22:38 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp6.andrew.cmu.edu (SMTP6.andrew.cmu.edu [128.2.10.86]) by grand.central.org (Postfix) with ESMTP id C5DD09DFA for ; Fri, 4 Oct 2002 15:22:37 -0400 (EDT) Received: from saratoga.cc.cmu.edu (SARATOGA.CC.cmu.edu [128.2.6.34]) (user=jackson mech=GSSAPI (0 bits)) by smtp6.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g94JMNUL020494 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NOT); Fri, 4 Oct 2002 15:22:25 -0400 Date: Fri, 04 Oct 2002 15:22:24 -0400 From: Joseph Jackson To: Alexei Kosut , David Botsch Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <147777.1033744944@saratoga.cc.cmu.edu> In-Reply-To: <20020930205840.GA18894@stanford.edu> References: <615222983.1032243304@[10.0.1.41]> <20020930201344.GA16624@stanford.edu> <20020930202301.GG18540@domino.ccmr.cornell.edu> <20020930205840.GA18894@stanford.edu> Originator-Info: login-token=Mulberry:01Z4Ss9NHlD1+s3ilInOEqcveuIx29sBB1wMrxISKe0zA=; token_authority=postmaster@andrew.cmu.edu X-Mailer: Mulberry/2.2.1 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On 9/30/02 1:58 PM -0700 Alexei Kosut wrote: > I think that loginwindow authentication is pluggable only with > Security Agent plugins. I suppose you could write such a plugin that > did PAM, but the API here looks even harder to reverse-engineer than > most private Apple APIs (it appears to be C++). That was also my understanding after attending Apple's developer conference in May. Loginwindow doesn't have any direct connection to PAM. All the BSD type stuff does go through PAM (sshd, ftpd, etc.) but Loginwindow has separate keys in /etc/authorization. Joe Jackson, Carnegie Mellon University. From dwb7@ccmr.cornell.edu Fri Oct 4 15:37:12 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id C42FD9DEF for ; Fri, 4 Oct 2002 15:37:11 -0400 (EDT) Received: from kurn (kurn.ccmr.cornell.edu [128.84.249.183]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id PAA07907; Fri, 4 Oct 2002 15:37:06 -0400 Date: Fri, 4 Oct 2002 15:37:06 -0400 From: David Botsch To: Joseph Jackson Cc: Alexei Kosut , port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20021004193706.GC25278@kurn.ccmr.cornell.edu> References: <615222983.1032243304@[10.0.1.41]> <20020930201344.GA16624@stanford.edu> <20020930202301.GG18540@domino.ccmr.cornell.edu> <20020930205840.GA18894@stanford.edu> <147777.1033744944@saratoga.cc.cmu.edu> Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=ISO-8859-1 Content-Disposition: inline In-Reply-To: <147777.1033744944@saratoga.cc.cmu.edu>; from jackson@CMU.EDU on Fri, Oct 04, 2002 at 15:22:24 -0400 X-Mailer: Balsa 1.4.1 Lines: 39 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Looking back at the pam port that was being done by padl, it looks like they were actually working on a bridge to allow loginwindow to use pam. Even more interesting is that macosxlabs.org actually states that you can use pam to extend the loginwindow (so, maybe they made the same wrong assumptions?). does anyone have a contact at Apple to either request an afs authenticator for loginwindow or a pam authenticator for the loginwindow? As MacOSXlabs states, pam would allow loginwindow to be extremely extendable. On 2002.10.04 15:22 Joseph Jackson wrote: > --On 9/30/02 1:58 PM -0700 Alexei Kosut wrote: > >> I think that loginwindow authentication is pluggable only with >> Security Agent plugins. I suppose you could write such a plugin that >> did PAM, but the API here looks even harder to reverse-engineer than >> most private Apple APIs (it appears to be C++). > > That was also my understanding after attending Apple's developer > conference in May. Loginwindow doesn't have any direct connection to > PAM. All the BSD type stuff does go through PAM (sshd, ftpd, etc.) > but Loginwindow has separate keys in /etc/authorization. > > Joe Jackson, > Carnegie Mellon University. > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From jackson@CMU.EDU Fri Oct 4 16:03:17 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.andrew.cmu.edu [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id 1942F9DD5 for ; Fri, 4 Oct 2002 16:03:17 -0400 (EDT) Received: from CMU.EDU (TI.CC.cmu.edu [128.2.121.71]) (user=jackson mech=GSSAPI (56 bits)) by smtp5.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g94K3F7r002569; Fri, 4 Oct 2002 16:03:16 -0400 Date: Fri, 4 Oct 2002 16:03:23 -0400 Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v546) Cc: Alexei Kosut , port-darwin@openafs.org To: David Botsch From: Joseph Jackson In-Reply-To: <20021004193706.GC25278@kurn.ccmr.cornell.edu> Message-Id: <5612F09C-D7D4-11D6-B6E8-000393104316@CMU.EDU> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.546) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Sigh. I'm in charge of the macosxlabs.org project, though it's mostly a few others who contribute documentation. I believe we may have published an incorrect statement. I'm just upgrading to 10.2 on my main desktop today, so I'll get those docs corrected once I know what I'm talking about. I'll be sure to bring this up during our next group conf call. I have some contacts at Apple who I can get advice from on the AFS authentication issue. I doubt that they would distribute an authenticator, given that they don't distribute the OpenAFS client, but we can probably get some questions answered. Apple has a web page where anyone can report bugs or make enhancement requests. Asking for a bridge to tie loginwindow to PAM sounds reasonable to me. http://developer.apple.com/bugreporter Joe Jackson, Carnegie Mellon University. On Friday, October 4, 2002, at 03:37 PM, David Botsch wrote: > Looking back at the pam port that was being done by padl, it looks > like they were actually working on a bridge to allow loginwindow to > use pam. Even more interesting is that macosxlabs.org actually states > that you can use pam to extend the loginwindow (so, maybe they made > the same wrong assumptions?). > > does anyone have a contact at Apple to either request an afs > authenticator for loginwindow or a pam authenticator for the > loginwindow? As MacOSXlabs states, pam would allow loginwindow to be > extremely extendable. From dwb7@ccmr.cornell.edu Fri Oct 4 16:15:53 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id 292EB9DF8 for ; Fri, 4 Oct 2002 16:15:53 -0400 (EDT) Received: from kurn (kurn.ccmr.cornell.edu [128.84.249.183]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id QAA08865; Fri, 4 Oct 2002 16:15:47 -0400 Date: Fri, 4 Oct 2002 16:15:47 -0400 From: David Botsch To: Joseph Jackson Cc: David Botsch , Alexei Kosut , port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20021004201547.GE25278@kurn.ccmr.cornell.edu> References: <5612F09C-D7D4-11D6-B6E8-000393104316@CMU.EDU> Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=ISO-8859-1 Content-Disposition: inline In-Reply-To: <5612F09C-D7D4-11D6-B6E8-000393104316@CMU.EDU>; from jackson@CMU.EDU on Fri, Oct 04, 2002 at 16:03:23 -0400 X-Mailer: Balsa 1.4.1 Lines: 51 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Well, It seems to be impossible to sign up for ADC membership if one already has an apple id (required to report a bug). On 2002.10.04 16:03 Joseph Jackson wrote: > Sigh. I'm in charge of the macosxlabs.org project, though it's mostly > a few others who contribute documentation. I believe we may have > published an incorrect statement. I'm just upgrading to 10.2 on my > main desktop today, so I'll get those docs corrected once I know what > I'm talking about. I'll be sure to bring this up during our next > group conf call. > > I have some contacts at Apple who I can get advice from on the AFS > authentication issue. I doubt that they would distribute an > authenticator, given that they don't distribute the OpenAFS client, > but we can probably get some questions answered. > > Apple has a web page where anyone can report bugs or make enhancement > requests. Asking for a bridge to tie loginwindow to PAM sounds > reasonable to me. > http://developer.apple.com/bugreporter > > Joe Jackson, > Carnegie Mellon University. > > On Friday, October 4, 2002, at 03:37 PM, David Botsch wrote: > >> Looking back at the pam port that was being done by padl, it looks >> like they were actually working on a bridge to allow loginwindow to >> use pam. Even more interesting is that macosxlabs.org actually >> states that you can use pam to extend the loginwindow (so, maybe >> they made the same wrong assumptions?). >> >> does anyone have a contact at Apple to either request an afs >> authenticator for loginwindow or a pam authenticator for the >> loginwindow? As MacOSXlabs states, pam would allow loginwindow to be >> extremely extendable. > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From jackson@CMU.EDU Fri Oct 4 16:46:27 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.andrew.cmu.edu [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id AF0789DDA for ; Fri, 4 Oct 2002 16:46:27 -0400 (EDT) Received: from saratoga.cc.cmu.edu (SARATOGA.CC.cmu.edu [128.2.6.34]) (user=jackson mech=GSSAPI (0 bits)) by smtp5.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g94KkH7s005543 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NOT); Fri, 4 Oct 2002 16:46:19 -0400 Date: Fri, 04 Oct 2002 16:46:17 -0400 From: Joseph Jackson To: Alexei Kosut , Ragnar Sundblad Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <23275.1033749977@saratoga.cc.cmu.edu> In-Reply-To: <20020930201344.GA16624@stanford.edu> References: <615222983.1032243304@[10.0.1.41]> <20020930201344.GA16624@stanford.edu> Originator-Info: login-token=Mulberry:01dVHQsN+yMxu6q00Eqq5OLgV7R9nLfTQxzti+Rd6soFQ=; token_authority=postmaster@andrew.cmu.edu X-Mailer: Mulberry/2.2.1 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On 9/30/02 1:13 PM -0700 Alexei Kosut wrote: > A snapshot of the code I'm currently using is available at > I grabbed your code and dropped it in place. At first glance, it appears to be working very well. Thanks a lot for sharing the code! Joe. From ragge@nada.kth.se Sat Oct 5 21:34:35 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.nada.kth.se (smtp.nada.kth.se [130.237.222.232]) by grand.central.org (Postfix) with ESMTP id 0A1FD9C42 for ; Sat, 5 Oct 2002 21:34:35 -0400 (EDT) X-Authentication-Info: Sender authentication was Received: from [10.0.1.27] (h71n2fls31o827.telia.com [213.66.180.71]) (authenticated bits=0) by smtp.nada.kth.se (8.12.1/8.12.1) with ESMTP id g961YTV5012345 for ; Sun, 6 Oct 2002 03:34:33 +0200 (MEST) Date: Sun, 06 Oct 2002 03:34:28 +0200 From: Ragnar Sundblad To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <201477078.1033875268@[10.0.1.27]> In-Reply-To: <20021004193706.GC25278@kurn.ccmr.cornell.edu> References: <20021004193706.GC25278@kurn.ccmr.cornell.edu> X-Mailer: Mulberry/2.2.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 4 oktober 2002 15:37 -0400 David Botsch wrote: > does anyone have a contact at Apple to either request an afs > authenticator for loginwindow or a pam authenticator for the loginwindow? > As MacOSXlabs states, pam would allow loginwindow to be extremely > extendable. Note that any plugin just to loginwindow won't solve the per-uid-tokens problem, since loginwindow is only the parent to CoreServices/pbs. All other user apps (Dock, Finder, etc) are children to WindowServer which isn't PIDly related to neither loginwindow nor the user's SecurityAgent which (currently) is the one running the kerberos plugin at loginwindow time. There might be or come more services that need access to the user's files, so we probably will have to live with per-uid-tokens until someone has came up with a new token-context scheme. Also, just having a pam will not solve the ticket renewal problem, while the loginLogout plugin does (except for a bug in that code right now which only renews tickets when they have expired which is to late, but that will hopefully be fixed). Though, since the apple kerb code won't renew tickets if nothing exercises it, we will need a ticket renewal daemon/app in the future too anyway, so it could (still) renew afs tokens as well. Not extremely beatiful but will probably work. /ragge From drh@citi.umich.edu Sun Oct 6 22:20:50 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from citi.umich.edu (citi.umich.edu [141.211.92.141]) by grand.central.org (Postfix) with ESMTP id CB9179C1E for ; Sun, 6 Oct 2002 22:20:49 -0400 (EDT) Received: from citi.umich.edu (block.ifs.umich.edu [141.213.229.99]) by citi.umich.edu (Postfix) with ESMTP id EC26B207C3; Sun, 6 Oct 2002 22:20:48 -0400 (EDT) To: Ragnar Sundblad Cc: port-darwin@openafs.org From: Dan Hyde Reply-To: Dan Hyde Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 In-reply-to: Your message of Sun, 06 Oct 2002 03:34:28 +0200. <201477078.1033875268@[10.0.1.27]> Date: Sun, 06 Oct 2002 22:20:48 -0400 Message-ID: <28052.1033957248@block.ifs.umich.edu> Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: > > does anyone have a contact at Apple to either request an afs > > authenticator for loginwindow or a pam authenticator for the loginwindow? There is a Kerberos one. > Note that any plugin just to loginwindow won't solve the > per-uid-tokens problem, since loginwindow is only the parent > to CoreServices/pbs. All other user apps (Dock, Finder, etc) > are children to WindowServer which isn't PIDly related to > neither loginwindow nor the user's SecurityAgent which > (currently) is the one running the kerberos plugin at > loginwindow time. Here's the hack I've been using for a long while; the order of steps two and three aren't important, but you'd better do step two or it won't work. The trick is to get WindowServer to do a setpag, and then later, when a child process (login or klog or kinit/aklog) get credentials, the apply to all the WindowServer's subprocesses. You can verify with id. NB: the first time WindowServer runs, the afs kernel extensions aren't there, so you have to login/logout to get a new one. 0) cd /System/Library/CoreServices/ 1) mv WindowServer WindowServer.real 2) touch WindowServer; chmod +x WindowServer 3) cat << EOF > WindowServer #!/bin/sh case $# in 0) if /usr/bin/pagsh -c /usr/bin/true then exec /usr/bin/pagsh -c "/System/Library/CoreServices/WindowServer.real" else exec "/System/Library/CoreServices/WindowServer.real" fi ;; *) if /usr/bin/pagsh -c /usr/bin/true then exec /usr/bin/pagsh -c "/System/Library/CoreServices/WindowServer.real $*" else exec "/System/Library/CoreServices/WindowServer.real" "$@" fi ;; esac EOF Enjoy! From ragge@nada.kth.se Mon Oct 7 11:23:13 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.nada.kth.se (smtp.nada.kth.se [130.237.222.232]) by grand.central.org (Postfix) with ESMTP id 697239C20 for ; Mon, 7 Oct 2002 11:23:13 -0400 (EDT) X-Authentication-Info: Sender authentication was Received: from localhost (dyna225-094.nada.kth.se [130.237.225.94]) (authenticated bits=0) by smtp.nada.kth.se (8.12.1/8.12.1) with ESMTP id g97FMjV7004468; Mon, 7 Oct 2002 17:22:53 +0200 (MEST) Date: Mon, 07 Oct 2002 17:22:42 +0200 From: Ragnar Sundblad To: Dan Hyde Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <798378.1034011362@rp2> In-Reply-To: <28052.1033957248@block.ifs.umich.edu> References: <28052.1033957248@block.ifs.umich.edu> X-Mailer: Mulberry/2.2.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 6 oktober 2002 22:20 -0400 Dan Hyde wrote: >> > does anyone have a contact at Apple to either request an afs >> > authenticator for loginwindow or a pam authenticator for the >> > loginwindow? > > There is a Kerberos one. If you mean the good ol' next style loginwindow authenticator plugin that doesn't work as from 10.2, one should use the new authentication apis instead. At least that is the information I have got and why I wrote a kerberos plugin for aklog-ing. >> Note that any plugin just to loginwindow won't solve the >> per-uid-tokens problem, since loginwindow is only the parent >> to CoreServices/pbs. All other user apps (Dock, Finder, etc) >> are children to WindowServer which isn't PIDly related to >> neither loginwindow nor the user's SecurityAgent which >> (currently) is the one running the kerberos plugin at >> loginwindow time. > > Here's the hack I've been using for a long while; the order of steps > two and three aren't important, but you'd better do step two or it > won't work. The trick is to get WindowServer to do a setpag, and then > later, when a child process (login or klog or kinit/aklog) get > credentials, the apply to all the WindowServer's subprocesses. You can > verify with id. NB: the first time WindowServer runs, the afs kernel > extensions aren't there, so you have to login/logout to get a new one. But to have home directories in AFS one needs tokens right away, and possibly for all of and maybe even more process trees than the loginwindow, the windowsserver and the securityagent ones. This will only fix it for the windowsserver tree, and only if the user later aklogs. Or did I miss anything? /ragge From dwb7@ccmr.cornell.edu Mon Oct 7 17:26:00 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id E5B8B9CB1 for ; Mon, 7 Oct 2002 17:25:59 -0400 (EDT) Received: from domino (domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id RAA25869; Mon, 7 Oct 2002 17:25:54 -0400 Date: Mon, 7 Oct 2002 17:25:54 -0400 From: David Botsch To: Dan Hyde Cc: Ragnar Sundblad , port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20021007212554.GK3906@domino.ccmr.cornell.edu> References: <28052.1033957248@block.ifs.umich.edu> Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=ISO-8859-1 Content-Disposition: inline In-Reply-To: <28052.1033957248@block.ifs.umich.edu>; from drh@umich.edu on Sun, Oct 06, 2002 at 22:20:48 -0400 X-Mailer: Balsa 1.4.1 Lines: 68 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: If we are authing against kerberos, which we can do, where does this fit into that process? Before or after the auth takes place? Ie could one just insert the "aklog" command after the pagsh command and thereby get tokens (looks like I need to find some docs on what does what when here)? As a later email said, we are shooting for home directories in afs space. On 2002.10.06 22:20 Dan Hyde wrote: > > Here's the hack I've been using for a long while; the order of steps > two and three aren't important, but you'd better do step two or it > won't work. The trick is to get WindowServer to do a setpag, and then > later, when a child process (login or klog or kinit/aklog) get > credentials, the apply to all the WindowServer's subprocesses. You > can > verify with id. NB: the first time WindowServer runs, the afs kernel > extensions aren't there, so you have to login/logout to get a new one. > > 0) cd /System/Library/CoreServices/ > 1) mv WindowServer WindowServer.real > 2) touch WindowServer; chmod +x WindowServer > 3) cat << EOF > WindowServer > #!/bin/sh > > case $# in > 0) > > if /usr/bin/pagsh -c /usr/bin/true > then > exec /usr/bin/pagsh -c > "/System/Library/CoreServices/WindowServer.real" > else > exec "/System/Library/CoreServices/WindowServer.real" > fi > ;; > > *) > > if /usr/bin/pagsh -c /usr/bin/true > then > exec /usr/bin/pagsh -c > "/System/Library/CoreServices/WindowServer.real > $*" > else > exec "/System/Library/CoreServices/WindowServer.real" > "$@" > fi > ;; > > esac > EOF > > Enjoy! > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin > -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From ragge@nada.kth.se Mon Oct 7 18:00:44 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.nada.kth.se (smtp.nada.kth.se [130.237.222.232]) by grand.central.org (Postfix) with ESMTP id 804779CB2 for ; Mon, 7 Oct 2002 18:00:43 -0400 (EDT) X-Authentication-Info: Sender authentication was Received: from localhost (h71n2fls31o827.telia.com [213.66.180.71]) (authenticated bits=0) by smtp.nada.kth.se (8.12.1/8.12.1) with ESMTP id g97M0eV7006900; Tue, 8 Oct 2002 00:00:42 +0200 (MEST) Date: Tue, 08 Oct 2002 00:00:37 +0200 From: Ragnar Sundblad To: David Botsch , Dan Hyde Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <22238286.1034035237@[10.0.1.34]> In-Reply-To: <20021007212554.GK3906@domino.ccmr.cornell.edu> References: <20021007212554.GK3906@domino.ccmr.cornell.edu> X-Mailer: Mulberry/2.2.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 7 oktober 2002 17:25 -0400 David Botsch wrote: > If we are authing against kerberos, which we can do, where does this fit > into that process? Before or after the auth takes place? Ie could one > just insert the "aklog" command after the pagsh command and thereby get > tokens (looks like I need to find some docs on what does what when here)? > As a later email said, we are shooting for home directories in afs space. The windowserver is (re)started at the same time as loginwindow is putting up its login panel, I don't think you can use that trick for home directories in AFS (see previous posts) since there is no good way (as I know of at least) to get tokens early enough. For now I'd recommend using Alexei Kosut's kerberos plugin which seems to be well written and people say it works, I haven't tried it myself yet. (Mine works too but is somewhat more complicated, not in my code but in that it also uses heimdal krb5 and the krbafs lib - I had trouble getting krbafs+MIT-krb4 to work when I worked on it, but now it seems to work fine. Oh well.). We still need something to renew tickets. At KTH we have previously been using the old loginwindow plugin api and done it all ourselves with heimdal and kthkrb, but think we should migrate to using the built in kerberos things now that it seems to be possible. We have an app to renew tickets that could be modified to monitor and renew Apple/MIT kerberos tickets instead. Are there any better suggestions for handling this? (Our renew app works like this: We check out krb5 tickets that are valid for 24 hours and renewable for 2 weeks. When half the ticket lifetime has past the app starts trying to renew them - giving it 12 hours to succeed. When half the renewable time has past it puts up a password dialog, giving the user one week to see the dialog and get new tickets. The times choosen are, of course, completely arbitrary. The krb4 tgt and afs tokens are also monitored and new are checked out when half their lifetime has passed.) /ragge From dwb7@ccmr.cornell.edu Mon Oct 7 19:48:01 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id 049289C4D for ; Mon, 7 Oct 2002 19:48:01 -0400 (EDT) Received: from domino.ccmr.cornell.edu (domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id TAA28686; Mon, 7 Oct 2002 19:48:00 -0400 Received: (from dwb7@localhost) by domino.ccmr.cornell.edu (8.12.3/8.12.3) id g97Nm0Gs005649; Mon, 7 Oct 2002 19:48:00 -0400 X-Authentication-Warning: domino.ccmr.cornell.edu: dwb7 set sender to dwb7@ccmr.cornell.edu using -f Date: Mon, 7 Oct 2002 19:48:00 -0400 From: David Botsch To: Ragnar Sundblad Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20021007194800.A5594@ccmr.cornell.edu> References: <20021007212554.GK3906@domino.ccmr.cornell.edu> <22238286.1034035237@[10.0.1.34]> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <22238286.1034035237@[10.0.1.34]>; from ragge@nada.kth.se on Tue, Oct 08, 2002 at 12:00:37AM +0200 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: So, your trick sets up a pagsh for the windowserver (under which loginwindow runs, etc). Now, what happens to that pagsh when the loginwindow decides to become the user as which someone has logged in? You seemt to imply that essentially a su user takes place? Add to the above a kerberos login plugin similar to what was posted that just does an aklog, and we have tokens now. But, is it too late as far as afs home directories are concerned, here? You also mention afs kernel extensions not being present during the first login. Aren't these loaded when the startupscript starts afs as the Mac OS X machine starts? As much as I hate to say this, are there any replacements out there for loginwindow? For instance, it would be great to just be able to pop in gdm, have gdm auth with pam, then go into a normal OS X gui session. On Tue, Oct 08, 2002 at 12:00:37AM +0200, Ragnar Sundblad wrote: > > > --On den 7 oktober 2002 17:25 -0400 David Botsch > wrote: > > > If we are authing against kerberos, which we can do, where does this fit > > into that process? Before or after the auth takes place? Ie could one > > just insert the "aklog" command after the pagsh command and thereby get > > tokens (looks like I need to find some docs on what does what when here)? > > As a later email said, we are shooting for home directories in afs space. > > The windowserver is (re)started at the same time as loginwindow is > putting up its login panel, I don't think you can use that trick > for home directories in AFS (see previous posts) since there > is no good way (as I know of at least) to get tokens early enough. > > For now I'd recommend using Alexei Kosut's kerberos plugin > which seems to be well written and people say it works, > I haven't tried it myself yet. > (Mine works too but is somewhat more complicated, not in > my code but in that it also uses heimdal krb5 and the > krbafs lib - I had trouble getting krbafs+MIT-krb4 to work > when I worked on it, but now it seems to work fine. Oh well.). > > We still need something to renew tickets. > > At KTH we have previously been using the old loginwindow plugin > api and done it all ourselves with heimdal and kthkrb, but think > we should migrate to using the built in kerberos things now > that it seems to be possible. > We have an app to renew tickets that could be modified to > monitor and renew Apple/MIT kerberos tickets instead. > Are there any better suggestions for handling this? > > (Our renew app works like this: > We check out krb5 tickets that are valid for 24 hours and > renewable for 2 weeks. When half the ticket lifetime has past > the app starts trying to renew them - giving it 12 hours > to succeed. When half the renewable time has past it puts > up a password dialog, giving the user one week to see the > dialog and get new tickets. The times choosen are, of course, > completely arbitrary. > The krb4 tgt and afs tokens are also monitored and new are > checked out when half their lifetime has passed.) > > /ragge > > -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From ragge@nada.kth.se Mon Oct 7 20:52:06 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.nada.kth.se (smtp.nada.kth.se [130.237.222.232]) by grand.central.org (Postfix) with ESMTP id 109F69C4A for ; Mon, 7 Oct 2002 20:52:06 -0400 (EDT) X-Authentication-Info: Sender authentication was Received: from localhost (h71n2fls31o827.telia.com [213.66.180.71]) (authenticated bits=0) by smtp.nada.kth.se (8.12.1/8.12.1) with ESMTP id g980q3V7007703; Tue, 8 Oct 2002 02:52:05 +0200 (MEST) Date: Tue, 08 Oct 2002 02:52:01 +0200 From: Ragnar Sundblad To: David Botsch Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <32522124.1034045521@[10.0.1.35]> In-Reply-To: <20021007194800.A5594@ccmr.cornell.edu> References: <20021007194800.A5594@ccmr.cornell.edu> X-Mailer: Mulberry/2.2.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 7 oktober 2002 19:48 -0400 David Botsch wrote: > So, your trick sets up a pagsh for the windowserver (under which > loginwindow runs, etc). Now, what happens to that pagsh when the > loginwindow decides to become the user as which someone has logged in? > You seemt to imply that essentially a su user takes place? > > Add to the above a kerberos login plugin similar to what was posted that > just does an aklog, and we have tokens now. But, is it too late as far as > afs home directories are concerned, here? > > You also mention afs kernel extensions not being present during the first > login. Aren't these loaded when the startupscript starts afs as the Mac > OS X machine starts? > > As much as I hate to say this, are there any replacements out there for > loginwindow? For instance, it would be great to just be able to pop in > gdm, have gdm auth with pam, then go into a normal OS X gui session. Note: I was not the one suggesting the pagsh script trick, I don't think it will cut it for afs based homedirs, while the loginLogout extension does, that I have tried. (Though I have considered something similar but from within init so that both loginwindow and windowmanager could share a pag. I still don't know if that is enough, maybe other services would need to share the pag too, that is why I say that the only maybe safe way to do this currently is with per-uid-tokens (still not completely safe, though, the SecurityAgent is running as root, and if that wants to write in the users' home dir it is smoked.) Please refer to earlier posts to catch up on the discussion. /ragge From dwb7@ccmr.cornell.edu Tue Oct 8 11:53:36 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id B1F169C34 for ; Tue, 8 Oct 2002 11:53:35 -0400 (EDT) Received: from domino (domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id LAA10665 for ; Tue, 8 Oct 2002 11:53:35 -0400 Date: Tue, 8 Oct 2002 11:53:35 -0400 From: David Botsch To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20021008155335.GC7397@domino.ccmr.cornell.edu> References: <20021007194800.A5594@ccmr.cornell.edu> <32522124.1034045521@[10.0.1.35]> Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=ISO-8859-1 Content-Disposition: inline In-Reply-To: <32522124.1034045521@[10.0.1.35]>; from ragge@nada.kth.se on Mon, Oct 07, 2002 at 20:52:01 -0400 X-Mailer: Balsa 1.4.1 Lines: 65 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: We are going to use the pagsh trick with window server to get a pag, and then use the aklog trick to get tokens with kerb auth. On 2002.10.07 20:52 Ragnar Sundblad wrote: > > > --On den 7 oktober 2002 19:48 -0400 David Botsch > wrote: > >> So, your trick sets up a pagsh for the windowserver (under which >> loginwindow runs, etc). Now, what happens to that pagsh when the >> loginwindow decides to become the user as which someone has logged >> in? >> You seemt to imply that essentially a su user takes place? >> >> Add to the above a kerberos login plugin similar to what was posted >> that >> just does an aklog, and we have tokens now. But, is it too late as >> far as >> afs home directories are concerned, here? >> >> You also mention afs kernel extensions not being present during the >> first >> login. Aren't these loaded when the startupscript starts afs as the >> Mac >> OS X machine starts? >> >> As much as I hate to say this, are there any replacements out there >> for >> loginwindow? For instance, it would be great to just be able to pop >> in >> gdm, have gdm auth with pam, then go into a normal OS X gui session. > > Note: I was not the one suggesting the pagsh script trick, I don't > think > it will cut it for afs based homedirs, while the loginLogout extension > does, that I have tried. > (Though I have considered something similar but from within init so > that > both loginwindow and windowmanager could share a pag. I still don't > know > if that is enough, maybe other services would need to share the pag > too, > that is why I say that the only maybe safe way to do this currently is > with per-uid-tokens (still not completely safe, though, the > SecurityAgent > is running as root, and if that wants to write in the users' home dir > it is smoked.) > > Please refer to earlier posts to catch up on the discussion. > > /ragge > > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From ragge@nada.kth.se Tue Oct 8 14:31:45 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.nada.kth.se (smtp.nada.kth.se [130.237.222.232]) by grand.central.org (Postfix) with ESMTP id 5E6B99D0A for ; Tue, 8 Oct 2002 14:31:45 -0400 (EDT) X-Authentication-Info: Sender authentication was Received: from localhost (dyna225-094.nada.kth.se [130.237.225.94]) (authenticated bits=0) by smtp.nada.kth.se (8.12.1/8.12.1) with ESMTP id g98IVgV7014981; Tue, 8 Oct 2002 20:31:44 +0200 (MEST) Date: Tue, 08 Oct 2002 20:31:38 +0200 From: Ragnar Sundblad To: David Botsch , port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <96099483.1034109098@rp2> In-Reply-To: <20021008155335.GC7397@domino.ccmr.cornell.edu> References: <20021008155335.GC7397@domino.ccmr.cornell.edu> X-Mailer: Mulberry/2.2.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 8 oktober 2002 11:53 -0400 David Botsch wrote: > We are going to use the pagsh trick with window server to get a pag, and > then use the aklog trick to get tokens with kerb auth. And how would you do that? What aklog, called from where and when? The windowserver will have a per-process-tree pag while a loginLogout module would run in the SecurityServer/Agent process tree and never will the two meet. Maybe I am missing something, in that case I would be very happy to be told so, but I doubt that that would work. Loginhook isn't usable either since it A. Is run from loginwindow which != windowserver tree B. There are no kerberos tickets available when loginhook runs, at least in the current implementation of things. /ragge From drh@citi.umich.edu Tue Oct 8 14:40:12 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from citi.umich.edu (citi.umich.edu [141.211.92.141]) by grand.central.org (Postfix) with ESMTP id E922D9D0B for ; Tue, 8 Oct 2002 14:40:11 -0400 (EDT) Received: from citi.umich.edu (block.ifs.umich.edu [141.213.229.99]) by citi.umich.edu (Postfix) with ESMTP id 4FDD7207D2; Tue, 8 Oct 2002 14:40:11 -0400 (EDT) To: Ragnar Sundblad Cc: port-darwin@openafs.org From: Dan Hyde Reply-To: Dan Hyde Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 In-reply-to: Your message of Tue, 08 Oct 2002 20:31:38 +0200. <96099483.1034109098@rp2> Date: Tue, 08 Oct 2002 14:40:11 -0400 Message-ID: <26969.1034102411@block.ifs.umich.edu> Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: > The windowserver will have a per-process-tree pag while a > loginLogout module would run in the SecurityServer/Agent > process tree and never will the two meet. > > Maybe I am missing something, in that case I would be very > happy to be told so, but I doubt that that would work. They use the same kerberos credential cache? From ragge@nada.kth.se Tue Oct 8 14:50:59 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.nada.kth.se (smtp.nada.kth.se [130.237.222.232]) by grand.central.org (Postfix) with ESMTP id 7AF439D1B for ; Tue, 8 Oct 2002 14:50:59 -0400 (EDT) X-Authentication-Info: Sender authentication was Received: from localhost (dyna225-094.nada.kth.se [130.237.225.94]) (authenticated bits=0) by smtp.nada.kth.se (8.12.1/8.12.1) with ESMTP id g98IorV7015150; Tue, 8 Oct 2002 20:50:54 +0200 (MEST) Date: Tue, 08 Oct 2002 20:50:49 +0200 From: Ragnar Sundblad To: Dan Hyde Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <97250178.1034110249@rp2> In-Reply-To: <26969.1034102411@block.ifs.umich.edu> References: <26969.1034102411@block.ifs.umich.edu> X-Mailer: Mulberry/2.2.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 8 oktober 2002 14:40 -0400 Dan Hyde wrote: >> The windowserver will have a per-process-tree pag while a >> loginLogout module would run in the SecurityServer/Agent >> process tree and never will the two meet. >> >> Maybe I am missing something, in that case I would be very >> happy to be told so, but I doubt that that would work. > > They use the same kerberos credential cache? Yes, but since you pagsh in windowserver, the windowserver will have a different pag than the SecurityAgent, and it is the SecurityAgent that runs the loginLogout plugin. Have you got this to work on 10.2 with home directories in AFS? /ragge From jackson@CMU.EDU Tue Oct 8 14:58:41 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.andrew.cmu.edu [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id 875759D1A for ; Tue, 8 Oct 2002 14:58:41 -0400 (EDT) Received: from CMU.EDU (SARATOGA.CC.cmu.edu [128.2.6.34]) by smtp5.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g98Iwf7r011703; Tue, 8 Oct 2002 14:58:41 -0400 Date: Tue, 8 Oct 2002 14:58:41 -0400 Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v546) Cc: port-darwin@openafs.org To: Dan Hyde From: Joseph Jackson In-Reply-To: <26969.1034102411@block.ifs.umich.edu> Message-Id: Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.546) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I think Ragge's point is that creating a PAG for WindowServer won't do any good since the user's processes aren't children of that process. If he's right, then the Finder, Terminal, etc. would not be in the PAG. Dan, have you tried this out yet in 10.2? Does the "id" command show that the user processes land in a PAG? If so, does someone coming in through ssh or the web server join the PAG as well? Hopefully not. Joe. From ragge@nada.kth.se Tue Oct 8 15:13:36 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.nada.kth.se (smtp.nada.kth.se [130.237.222.232]) by grand.central.org (Postfix) with ESMTP id 41B389CC7 for ; Tue, 8 Oct 2002 15:13:36 -0400 (EDT) X-Authentication-Info: Sender authentication was Received: from localhost (dyna225-094.nada.kth.se [130.237.225.94]) (authenticated bits=0) by smtp.nada.kth.se (8.12.1/8.12.1) with ESMTP id g98JDTV7015214; Tue, 8 Oct 2002 21:13:30 +0200 (MEST) Date: Tue, 08 Oct 2002 21:13:25 +0200 From: Ragnar Sundblad To: Joseph Jackson , Dan Hyde Cc: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <98606148.1034111605@rp2> In-Reply-To: References: X-Mailer: Mulberry/2.2.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 8 oktober 2002 14:58 -0400 Joseph Jackson wrote: > I think Ragge's point is that creating a PAG for WindowServer won't do > any good since the user's processes aren't children of that process. If > he's right, then the Finder, Terminal, etc. would not be in the PAG. Almost, actually those processes you mention runs from WindowServer, but for example loginwindow+pbs and SecurityAgent aren't, and SecurityAgent is the one running the kerberos loginLogout plugin. /ragge From dwb7@ccmr.cornell.edu Tue Oct 8 15:50:52 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id 25FFE9CC6 for ; Tue, 8 Oct 2002 15:50:52 -0400 (EDT) Received: from domino (domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id PAA17118 for ; Tue, 8 Oct 2002 15:50:51 -0400 Date: Tue, 8 Oct 2002 15:50:51 -0400 From: David Botsch To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20021008195051.GA8164@domino.ccmr.cornell.edu> References: <98606148.1034111605@rp2> Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=ISO-8859-1 Content-Disposition: inline In-Reply-To: <98606148.1034111605@rp2>; from ragge@nada.kth.se on Tue, Oct 08, 2002 at 15:13:25 -0400 X-Mailer: Balsa 1.4.1 Lines: 39 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hmmm... is there a process then, which is the parent of both security server and window server? btw, so far, the pagsh trick for the windowserver simply locks up the computer. Upon logging in, it refused to authenticate. Upon logging out, Jaguar locked at the screen with the spinning contrast symbol. On 2002.10.08 15:13 Ragnar Sundblad wrote: > > > --On den 8 oktober 2002 14:58 -0400 Joseph Jackson > wrote: > >> I think Ragge's point is that creating a PAG for WindowServer won't >> do >> any good since the user's processes aren't children of that process. >> If >> he's right, then the Finder, Terminal, etc. would not be in the PAG. > > Almost, actually those processes you mention runs from WindowServer, > but for example loginwindow+pbs and SecurityAgent aren't, > and SecurityAgent is the one running the kerberos loginLogout plugin. > > /ragge > > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From drh@citi.umich.edu Tue Oct 8 16:15:27 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from citi.umich.edu (citi.umich.edu [141.211.92.141]) by grand.central.org (Postfix) with ESMTP id 18AC89C24 for ; Tue, 8 Oct 2002 16:15:27 -0400 (EDT) Received: from citi.umich.edu (block.ifs.umich.edu [141.213.229.99]) by citi.umich.edu (Postfix) with ESMTP id 21A36207D2; Tue, 8 Oct 2002 16:15:26 -0400 (EDT) To: Ragnar Sundblad Cc: Joseph Jackson , port-darwin@openafs.org From: Dan Hyde Reply-To: Dan Hyde Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 In-reply-to: Your message of Tue, 08 Oct 2002 21:13:25 +0200. <98606148.1034111605@rp2> Date: Tue, 08 Oct 2002 16:15:25 -0400 Message-ID: <28104.1034108125@block.ifs.umich.edu> Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: > > I think Ragge's point is that creating a PAG for WindowServer won't do > > any good since the user's processes aren't children of that process. If > > he's right, then the Finder, Terminal, etc. would not be in the PAG. > > Almost, actually those processes you mention runs from WindowServer, > but for example loginwindow+pbs and SecurityAgent aren't, > and SecurityAgent is the one running the kerberos loginLogout plugin. OK, coming clean time. I'm running 10.2.1, with openafs-1.2.7, with the WindowServer shell script (which doesn't hang), but still not using aklog via the loginLogout plugin, but doing one in the background at login time (which started as Terminal/aklog, to .login, etc). I have NOT tried the new method, and didn't think about SecurityAgent running in a different PAG then WindowServer. With all the juggling I've been trying, I didn't stop to verify that SecurityAgent isn't a child of WindowServer. Sorry for the confusion. So, what should I tell Apple tomorrow when I meet with them to talk about this sort of issue? From ragge@nada.kth.se Tue Oct 8 16:20:27 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.nada.kth.se (smtp.nada.kth.se [130.237.222.232]) by grand.central.org (Postfix) with ESMTP id 045AA9D24 for ; Tue, 8 Oct 2002 16:20:27 -0400 (EDT) X-Authentication-Info: Sender authentication was Received: from localhost (dyna225-094.nada.kth.se [130.237.225.94]) (authenticated bits=0) by smtp.nada.kth.se (8.12.1/8.12.1) with ESMTP id g98KKPV7015823; Tue, 8 Oct 2002 22:20:26 +0200 (MEST) Date: Tue, 08 Oct 2002 22:20:20 +0200 From: Ragnar Sundblad To: David Botsch , port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <102621331.1034115620@rp2> In-Reply-To: <20021008195051.GA8164@domino.ccmr.cornell.edu> References: <20021008195051.GA8164@domino.ccmr.cornell.edu> X-Mailer: Mulberry/2.2.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 8 oktober 2002 15:50 -0400 David Botsch wrote: > Hmmm... is there a process then, which is the parent of both security > server and window server? init for windowserver+loginwindow (/etc/ttys), the security server is started from a startup item. /ragge From ragge@nada.kth.se Tue Oct 8 16:46:29 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.nada.kth.se (smtp.nada.kth.se [130.237.222.232]) by grand.central.org (Postfix) with ESMTP id BC61F9C0C for ; Tue, 8 Oct 2002 16:46:28 -0400 (EDT) X-Authentication-Info: Sender authentication was Received: from localhost (dyna225-094.nada.kth.se [130.237.225.94]) (authenticated bits=0) by smtp.nada.kth.se (8.12.1/8.12.1) with ESMTP id g98KkQV7016024; Tue, 8 Oct 2002 22:46:26 +0200 (MEST) Date: Tue, 08 Oct 2002 22:46:21 +0200 From: Ragnar Sundblad To: Dan Hyde Cc: Joseph Jackson , port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <104182356.1034117181@rp2> In-Reply-To: <28104.1034108125@block.ifs.umich.edu> References: <28104.1034108125@block.ifs.umich.edu> X-Mailer: Mulberry/2.2.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 8 oktober 2002 16:15 -0400 Dan Hyde wrote: > OK, coming clean time. I'm running 10.2.1, with openafs-1.2.7, with > the WindowServer shell script (which doesn't hang), but still not using > aklog via the loginLogout plugin, but doing one in the background at > login time (which started as Terminal/aklog, to .login, etc). I see! I assume for example the dock would have problems reading its prefs if you don't either make your Library/Preferences publicly readable? I don't really like the idea of doing that, all kinds of stuff that is not intended for the general public could possible go in there without the user even knowing about it. > I have NOT tried the new method, and didn't think about SecurityAgent > running in a different PAG then WindowServer. With all the juggling > I've been trying, I didn't stop to verify that SecurityAgent isn't a > child of WindowServer. Sorry for the confusion. Well, it seems we are now all talking about the same things, so we are gettings somewhere! :-) > So, what should I tell Apple tomorrow when I meet with them to talk > about this sort of issue? I think we for now can get along using per-uid-tokens, but we should probable discuss a better solution with them. One mac(h)-ish idea is to use the same mach bootstrap port context mechanisms that other parts of the OS uses and of which I don't know very much. Their input and knowledge would be good. One potential problem with per-uid-tokens is that the SecurityAgent continues to run as root. If it wants to do anything involving the users afs files it won't be able to. There may be other similar situations. There are other issues that would be nice if you talk to them about, like for example the Finder behaving silly when tokens aren't in place (with arla at least), it shows files that it can't read with a thin outline (kind of gostish), but when you select them they disappear. And of course there is the old Finder-not-using-access()-call issue. /ragge From dwb7@ccmr.cornell.edu Tue Oct 8 17:10:00 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id 6BAE39C1B for ; Tue, 8 Oct 2002 17:10:00 -0400 (EDT) Received: from domino (domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id RAA19189 for ; Tue, 8 Oct 2002 17:10:00 -0400 Date: Tue, 8 Oct 2002 17:09:59 -0400 From: David Botsch To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20021008210959.GC8164@domino.ccmr.cornell.edu> References: <28104.1034108125@block.ifs.umich.edu> <104182356.1034117181@rp2> Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=ISO-8859-1 Content-Disposition: inline In-Reply-To: <104182356.1034117181@rp2>; from ragge@nada.kth.se on Tue, Oct 08, 2002 at 16:46:21 -0400 X-Mailer: Balsa 1.4.1 Lines: 68 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Two things I would talk to Apple about: 1. the logging in with a pag, authing against afs and getting tokens so we can have home dirs in afs space 2. fixing the finder so that it doesn't just look at the uid/gid to decide if someone has access to a file/folder. On 2002.10.08 16:46 Ragnar Sundblad wrote: > > > --On den 8 oktober 2002 16:15 -0400 Dan Hyde wrote: > >> OK, coming clean time. I'm running 10.2.1, with openafs-1.2.7, with >> the WindowServer shell script (which doesn't hang), but still not >> using >> aklog via the loginLogout plugin, but doing one in the background at >> login time (which started as Terminal/aklog, to .login, etc). > > I see! > I assume for example the dock would have problems reading its > prefs if you don't either make your Library/Preferences publicly > readable? I don't really like the idea of doing that, all kinds > of stuff that is not intended for the general public could > possible go in there without the user even knowing about it. > >> I have NOT tried the new method, and didn't think about SecurityAgent >> running in a different PAG then WindowServer. With all the juggling >> I've been trying, I didn't stop to verify that SecurityAgent isn't a >> child of WindowServer. Sorry for the confusion. > > Well, it seems we are now all talking about the same things, > so we are gettings somewhere! :-) > >> So, what should I tell Apple tomorrow when I meet with them to talk >> about this sort of issue? > > I think we for now can get along using per-uid-tokens, but we > should probable discuss a better solution with them. > One mac(h)-ish idea is to use the same mach bootstrap port > context mechanisms that other parts of the OS uses and of which > I don't know very much. Their input and knowledge would be good. > > One potential problem with per-uid-tokens is that the > SecurityAgent continues to run as root. If it wants to do > anything involving the users afs files it won't be able to. > There may be other similar situations. > > There are other issues that would be nice if you talk to them > about, like for example the Finder behaving silly when tokens > aren't in place (with arla at least), it shows files that it > can't read with a thin outline (kind of gostish), but when you > select them they disappear. And of course there is the old > Finder-not-using-access()-call issue. > > /ragge > > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From jackson@CMU.EDU Wed Oct 9 14:51:28 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.andrew.cmu.edu [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id B7C4B9C40 for ; Wed, 9 Oct 2002 14:51:28 -0400 (EDT) Received: from CMU.EDU (SARATOGA.CC.cmu.edu [128.2.6.34]) by smtp5.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g99IpS7r011993; Wed, 9 Oct 2002 14:51:28 -0400 Date: Wed, 9 Oct 2002 14:51:27 -0400 Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v546) Cc: port-darwin@openafs.org To: Dan Hyde From: Joseph Jackson In-Reply-To: <28104.1034108125@block.ifs.umich.edu> Message-Id: <1E1A7BB6-DBB8-11D6-8E32-0003936F169E@CMU.EDU> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.546) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: On Tuesday, October 8, 2002, at 04:15 PM, Dan Hyde wrote: > So, what should I tell Apple tomorrow when I meet with them to talk > about this sort of issue? It's unfortunate that the Kerberos application doesn't work properly when /Library/Preferences is unreadable. When my AFS tokens expire, I can't use the Kerberos application to get new tickets because my home directory is in OpenAFS. It fails with this error: An error occurred while logging in. The specified realm is not in your configuration file or does not exist I'd prefer that it act like most apps and try to use the defaults in /Library/Preferences rather than failing. Joe Jackson, Carnegie Mellon University. From dwb7@ccmr.cornell.edu Wed Oct 9 14:57:36 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id 11D729D67 for ; Wed, 9 Oct 2002 14:57:36 -0400 (EDT) Received: from domino.ccmr.cornell.edu (RedFyre@domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id OAA09387 for ; Wed, 9 Oct 2002 14:57:35 -0400 Received: (from dwb7@localhost) by domino.ccmr.cornell.edu (8.12.3/8.12.3) id g99IvZmr016817 for port-darwin@openafs.org; Wed, 9 Oct 2002 14:57:35 -0400 X-Authentication-Warning: domino.ccmr.cornell.edu: dwb7 set sender to dwb7@ccmr.cornell.edu using -f Date: Wed, 9 Oct 2002 14:57:35 -0400 From: David Botsch To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Message-ID: <20021009145735.A16472@ccmr.cornell.edu> References: <28104.1034108125@block.ifs.umich.edu> <1E1A7BB6-DBB8-11D6-8E32-0003936F169E@CMU.EDU> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <1E1A7BB6-DBB8-11D6-8E32-0003936F169E@CMU.EDU>; from jackson@CMU.EDU on Wed, Oct 09, 2002 at 02:51:27PM -0400 Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: A bad solution is to make that particular directory readable in user's afs home directories. While I haven't tried this under 10.2, under 10.1, I noted that if the user's edu.mit.Kerberos file did not exist, Kerberos auth failed. I had to touch the file in each user's home directory. On Wed, Oct 09, 2002 at 02:51:27PM -0400, Joseph Jackson wrote: > On Tuesday, October 8, 2002, at 04:15 PM, Dan Hyde wrote: > > > So, what should I tell Apple tomorrow when I meet with them to talk > > about this sort of issue? > > It's unfortunate that the Kerberos application doesn't work properly > when /Library/Preferences is unreadable. When my AFS tokens expire, I > can't use the Kerberos application to get new tickets because my home > directory is in OpenAFS. It fails with this error: > > An error occurred while logging in. > The specified realm is not in your configuration file or does not exist > > > I'd prefer that it act like most apps and try to use the defaults in > /Library/Preferences rather than failing. > > Joe Jackson, > Carnegie Mellon University. > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From jackson@CMU.EDU Wed Oct 9 16:47:47 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp5.andrew.cmu.edu (SMTP5.andrew.cmu.edu [128.2.10.85]) by grand.central.org (Postfix) with ESMTP id 9C0BB9D62 for ; Wed, 9 Oct 2002 16:47:47 -0400 (EDT) Received: from CMU.EDU (SARATOGA.CC.cmu.edu [128.2.6.34]) by smtp5.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g99Kll7r021412; Wed, 9 Oct 2002 16:47:47 -0400 Date: Wed, 9 Oct 2002 16:47:46 -0400 Subject: Re: [OpenAFS-port-darwin] aklog/afslog at console login and Mac OS 10.2 Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v546) Cc: port-darwin@openafs.org To: David Botsch From: Joseph Jackson In-Reply-To: <20021009145735.A16472@ccmr.cornell.edu> Message-Id: <5DA05730-DBC8-11D6-8E32-0003936F169E@CMU.EDU> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.546) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Oops. I gave the wrong path in my original message. I find that the Kerberos app fails to get tickets if ~/Library/Preferences/edu.mit.Kerberos is unreadable. I'd like it to fail over to /Library/Preferences/edu.mit.Kerberos without error. On Wednesday, October 9, 2002, at 02:57 PM, David Botsch wrote: > A bad solution is to make that particular directory readable in user's > afs home directories. Agreed. That's pretty bad. ;-) I experimented in this mode for some time under 10.1, but I wouldn't ever put our users in this position. > While I haven't tried this under 10.2, under 10.1, I noted that if the > user's edu.mit.Kerberos > file did not exist, Kerberos auth failed. I had to touch the file in > each user's home > directory. I find that it works okay under 10.1 if the ~/Library/Preferences directory is readable but edu.mit.Kerberos doesn't exist inside it. It uses the defaults from /Library/Preferences/edu.mit.Kerberos. Now that I think about the details, I'll take a guess at what's going wrong. Perhaps the code is actually copying the Kerberos prefs from /Library to ~/Library and then using the file in ~/Library. I'd prefer if it used normal preferences chaining to try reading ~/Library first and then read /Library if that fails. In that case, the user doesn't get a copy of the preferences until they make a change that needs to be written back to the prefs file. I'll bring this up on the krbdev list to see what they say. Joe Jackson, Carnegie Mellon University. From thomasv@mac.com Wed Oct 9 19:42:18 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtpout.mac.com (smtpout.mac.com [204.179.120.87]) by grand.central.org (Postfix) with ESMTP id 4B3749D5C for ; Wed, 9 Oct 2002 19:42:17 -0400 (EDT) Received: from asmtp01.mac.com (asmtp01-qfe3 [10.13.10.65]) by smtpout.mac.com (Xserve/MantshX 2.0) with ESMTP id g99Ng6aS015635 for ; Wed, 9 Oct 2002 16:42:06 -0700 (PDT) Received: from mac.com ([64.165.202.97]) by asmtp01.mac.com (Netscape Messaging Server 4.15) with ESMTP id H3QN6F00.CTF for ; Wed, 9 Oct 2002 16:42:15 -0700 Date: Wed, 9 Oct 2002 16:41:38 -0700 Mime-Version: 1.0 (Apple Message framework v546) Content-Type: text/plain; charset=US-ASCII; format=flowed From: Thomas Vincent To: port-darwin@openafs.org Content-Transfer-Encoding: 7bit Message-Id: X-Mailer: Apple Mail (2.546) Subject: [OpenAFS-port-darwin] Port of AFS for DarwinPorts Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Has anyone attempted to write a port for DarwinPorts of OpenAFS? http://www.opendarwin.org/ Cheers, Thomas Vincent From valerio@cns.nyu.edu Thu Oct 10 11:37:01 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from calaf.cns.nyu.edu (CALAF.CNS.NYU.EDU [128.122.112.26]) by grand.central.org (Postfix) with ESMTP id 8C3CE9C0A; Thu, 10 Oct 2002 11:37:01 -0400 (EDT) Received: from cns.nyu.edu (babette.cns.nyu.edu [128.122.112.24]) by calaf.cns.nyu.edu (8.9.1b+Sun/8.9.1) with ESMTP id LAA20686; Thu, 10 Oct 2002 11:36:59 -0400 (EDT) Message-ID: <3DA59E9A.3060103@cns.nyu.edu> Date: Thu, 10 Oct 2002 11:36:58 -0400 From: Valerio Luccio User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0 X-Accept-Language: en-us, en MIME-Version: 1.0 To: openafs-info@openafs.org, port-darwin@openafs.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: [OpenAFS-port-darwin] AFS Server on Apple Xserve Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I apologize if I send this on two lists, but I'm getting desperate. I'm trying to install OpenAFS on an Apple Xserve (running OS 10.2). The client part works without a hitch, but the server is driving me nuts (I no problem installing it on my RedHat). My current stumbling point is the "/vicepxx" partition: after managing to get the Xserve to mount the disk where I wanted (the standard tools will mount the disk under "/Volumes..."), I still can't get the volumeserver to see it (I've tried formatting it as both HFS and UFS). Here's what I get with different tools: : mount /dev/disk4 on /vicepa (local) : df /vicepa Filesystem 512-blocks Used Avail Capacity Mounted on /dev/disk4 233777984 8 222089088 0% /vicepa : disktool -l ***Disk Appeared ('disk4',Mountpoint = '/vicepa', fsType = 'ufs', volName = 'VICE') Yet .... : vos create koura.cns.nyu.edu /vicepa root.afs -cell fmri.nyu.edu -noauth vos : partition /vicepa does not exist on the server : vos listp koura.cns.nyu.edu -noauth The partitions on the server are: Total: 0 Has anyone out there gotten a server to run on Mac OS X Server ? Thanks, -- Valerio Luccio (212) 998-8736 Center For Neural Science 4 Washington Place, Room 935 New York University New York, NY 10003 "In an open world, who needs windows or gates?" From valerio@cns.nyu.edu Fri Oct 11 19:48:17 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from calaf.cns.nyu.edu (CALAF.CNS.NYU.EDU [128.122.112.26]) by grand.central.org (Postfix) with ESMTP id A7BEC9C33; Fri, 11 Oct 2002 19:48:16 -0400 (EDT) Received: from cns.nyu.edu (babette.cns.nyu.edu [128.122.112.24]) by calaf.cns.nyu.edu (8.9.1b+Sun/8.9.1) with ESMTP id TAA14293; Fri, 11 Oct 2002 19:48:12 -0400 (EDT) Message-ID: <3DA76339.3060608@cns.nyu.edu> Date: Fri, 11 Oct 2002 19:48:09 -0400 From: Valerio Luccio User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0 X-Accept-Language: en-us, en MIME-Version: 1.0 To: openafs-devel Cc: port-darwin Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: [OpenAFS-port-darwin] AFSServer on Apple Xserve Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Thanks to Tim Wood, I can now see the partition on my Xserve using "vos listp" and I can create volumes on it. You need to use "niload" to load the flat file fstab into the NetInfo database. I still have problems, but I'll work on them over the week-end and hopefully I will be successfull. Thanks, -- Valerio Luccio (212) 998-8736 Center For Neural Science 4 Washington Place, Room 935 New York University New York, NY 10003 "In an open world, who needs windows or gates?" From das@doit.wisc.edu Fri Oct 11 17:00:50 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp2.wiscmail.wisc.edu (donner.doit.wisc.edu [144.92.197.184]) by grand.central.org (Postfix) with ESMTP id 2413C9C33 for ; Fri, 11 Oct 2002 17:00:50 -0400 (EDT) Received: from conversion-daemon.smtp2.doit.wisc.edu by smtp2.doit.wisc.edu (iPlanet Messaging Server 5.2 HotFix 0.8 (built Jul 12 2002)) id <0H3U00D014H2GA@smtp2.doit.wisc.edu> for port-darwin@openafs.org; Fri, 11 Oct 2002 16:00:43 -0500 (CDT) Received: from doit.wisc.edu (sparky.doit.wisc.edu [128.104.18.150]) by smtp2.doit.wisc.edu (iPlanet Messaging Server 5.2 HotFix 0.8 (built Jul 12 2002)) with ESMTP id <0H3U002P24ZTYK@smtp2.doit.wisc.edu> for port-darwin@openafs.org; Fri, 11 Oct 2002 15:59:53 -0500 (CDT) Date: Fri, 11 Oct 2002 15:59:54 -0500 From: Dave Schroeder To: port-darwin@openafs.org Message-id: <64630755-DD5C-11D6-83FE-0003938BEEEE@doit.wisc.edu> MIME-version: 1.0 X-Mailer: Apple Mail (2.546) Content-type: text/plain; format=flowed; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: [OpenAFS-port-darwin] How to stop searching of AFS volumes Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Hello, An AFS user on campus is reporting that after updating to the new version of OpenAFS for Jaguar, many installers that search local volumes now also attempt to search all of /afs. This is obviously not a good thing, as it would take forever. He claims that this didn't happen with OpenAFS under 10.1.5. So the question is this: is there a way to prevent AFS from being searched when an installer or other similar app is run, or making this not appear as a local filesystem? - Dave From valerio@cns.nyu.edu Wed Oct 16 17:44:56 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from calaf.cns.nyu.edu (CALAF.CNS.NYU.EDU [128.122.112.26]) by grand.central.org (Postfix) with ESMTP id 7D1759C0C; Wed, 16 Oct 2002 17:44:56 -0400 (EDT) Received: from cns.nyu.edu (babette.cns.nyu.edu [128.122.112.24]) by calaf.cns.nyu.edu (8.9.1b+Sun/8.9.1) with ESMTP id RAA17050; Wed, 16 Oct 2002 17:44:52 -0400 (EDT) Message-ID: <3DADDDC3.8090702@cns.nyu.edu> Date: Wed, 16 Oct 2002 17:44:35 -0400 From: Valerio Luccio User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0 X-Accept-Language: en-us, en MIME-Version: 1.0 To: openafs-devel , port-darwin Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: [OpenAFS-port-darwin] Xserve saga, continued Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I'm posting this to two lists so that different audiences might read it. I've been trying to get the server part of AFS to work on an Apple Xserve (OS X 10.2) and I've had many problems. Here's a summary of my efforts so far. --------- Using RAID sets --------- The server does not seem to work using raided volumes that use the Apple's software RAID. --------- Getting the "/vicepx" to mount under "/" and be recognized --------- If you create an "/etc/fstab" file (does not exist by default in OS X 10.2) and specify the disk using the LABEL rather than the device name, it works: LABEL=VICEPA /vicepa ufs rw 0 2 That's because the OS assigns the device name to the disks on the fly and in parallel, so your disk can get assigned a different device name each time. This does not solve all the problems: AFS does not see the partition unless the info is stored in the NetInfo database. There are three solutions to the problem: 1. You are supposed to be able to configure the Mac so that it search the BSD-style flat files, including /etc/fstab. 2. As part of the startup script, the /etc/fstab file can be parsed and all of the /vicepxx mount points can be loaded into the NetInfo database using niload. 3. AFS uses "getfsent" to get the partition names (and if they are not loaded into the NetInfo database it does not see them), but the mount command for Darwin actually uses "getmntinfo", and this querries the actually mounted partitions. I haven't been able to get 1) to work and the info provided by Apple is minimal and confusing. Method 2) works, but is ugly and is not guaranteed to work in the future if Apple decides to change something. Method 3) is the cleanest, but I'm not sure how much code changes it involves. From a first quick scan of the source code it seems to be quite doable, but I don't know which pitfalls I will encounter. In any case, I'll try it and report the result and submit a change to the developer team to be incorporated into the release. --------- Replicating Volumes --------- As soon as you issue a "vos release", the disk gets corrupted. A "bos salvage" does not remedy the situation and the volume is lost forever. I have no idea what to do about this. -- Valerio Luccio (212) 998-8736 Center For Neural Science 4 Washington Place, Room 935 New York University New York, NY 10003 "In an open world, who needs windows or gates?" From shadow@dementia.org Thu Oct 17 00:06:33 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from scully.trafford.dementia.org (SCULLY.TRAFFORD.DEMENTIA.ORG [128.2.100.230]) by grand.central.org (Postfix) with ESMTP id 9F5B69C32; Thu, 17 Oct 2002 00:06:32 -0400 (EDT) Received: from localhost (root@localhost) by scully.trafford.dementia.org (8.11.6/8.11.6) with SMTP id g9H44mD10475; Thu, 17 Oct 2002 00:04:49 -0400 Date: Thu, 17 Oct 2002 00:04:48 -0400 (EDT) From: Derrick J Brashear X-Sender: shadow@scully.trafford.dementia.org To: port-darwin Cc: openafs-devel In-Reply-To: <3DADDDC3.8090702@cns.nyu.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: [OpenAFS-port-darwin] Re: [OpenAFS-devel] Xserve saga, continued Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: On Wed, 16 Oct 2002, Valerio Luccio wrote: > As soon as you issue a "vos release", the disk gets corrupted. A "bos > salvage" does not remedy the situation and the volume is lost forever. I > have no idea what to do about this. I don't have a pot to p, er, a machine to try this on. What's in FileLog after you vos release? What's in SalvageLog after you salvage? From valerio@cns.nyu.edu Thu Oct 17 09:17:44 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from calaf.cns.nyu.edu (CALAF.CNS.NYU.EDU [128.122.112.26]) by grand.central.org (Postfix) with ESMTP id 213969C49; Thu, 17 Oct 2002 09:17:44 -0400 (EDT) Received: from cns.nyu.edu (babette.cns.nyu.edu [128.122.112.24]) by calaf.cns.nyu.edu (8.9.1b+Sun/8.9.1) with ESMTP id JAA10209; Thu, 17 Oct 2002 09:17:34 -0400 (EDT) Message-ID: <3DAEB859.10501@cns.nyu.edu> Date: Thu, 17 Oct 2002 09:17:13 -0400 From: Valerio Luccio User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Derrick J Brashear Cc: port-darwin , openafs-devel References: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: [OpenAFS-port-darwin] Re: [OpenAFS-devel] Xserve saga, continued Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Derrick dixit: >On Wed, 16 Oct 2002, Valerio Luccio wrote: > > > >>> As soon as you issue a "vos release", the disk gets corrupted. A "bos >>> salvage" does not remedy the situation and the volume is lost forever. I >>> have no idea what to do about this. >> >> > >I don't have a pot to p, er, a machine to try this on. What's in FileLog >after you vos release? What's in SalvageLog after you salvage? > Sorry, I no longer have those logs, but I'll recreate the problem and send them. Thanks, -- Valerio Luccio (212) 998-8736 Center For Neural Science 4 Washington Place, Room 935 New York University New York, NY 10003 "In an open world, who needs windows or gates?" From valerio@cns.nyu.edu Thu Oct 17 09:38:54 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from calaf.cns.nyu.edu (CALAF.CNS.NYU.EDU [128.122.112.26]) by grand.central.org (Postfix) with ESMTP id 62D599C47; Thu, 17 Oct 2002 09:38:54 -0400 (EDT) Received: from cns.nyu.edu (babette.cns.nyu.edu [128.122.112.24]) by calaf.cns.nyu.edu (8.9.1b+Sun/8.9.1) with ESMTP id JAA10497; Thu, 17 Oct 2002 09:38:52 -0400 (EDT) Message-ID: <3DAEBD57.1010704@cns.nyu.edu> Date: Thu, 17 Oct 2002 09:38:31 -0400 From: Valerio Luccio User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Derrick J Brashear Cc: port-darwin , openafs-devel References: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: [OpenAFS-port-darwin] Re: [OpenAFS-devel] Xserve saga, continued Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Here's the info: {KOURA}~: vos release root.afs Failed to clone the RW volume 536870957 Volume needs to be salvaged Error in vos release command. Volume needs to be salvaged {KOURA}~: cat /usr/afs/logs/FileLog .... Thu Oct 17 09:31:22 2002 VAttachVolume: Error reading namei vol header /vicepa//V0536870957.vol; error=101 Thu Oct 17 09:31:22 2002 VAttachVolume: Error attaching volume /vicepa//V0536870957.vol; volume needs salvage; error=101 {KOURA}~: bos salvage koura.cns.nyu.edu /vicepa root.afs Starting salvage. bos: salvage completed {KOURA}~: cat /usr/afs/logs/SalvageLog @(#) OpenAFS 1.2.7 built 2002-10-15 10/17/2002 09:34:29 STARTING AFS SALVAGER 2.4 (/usr/local/libexec/openafs/salvager /vicepa 536870957) 10/17/2002 09:34:29 Found 0 link count file /vicepa/AFSIDat/h/h+++U/+/+/0. 10/17/2002 09:34:29 Found 0 link count file /vicepa/AFSIDat/h/h+++U/+/+/5. 10/17/2002 09:34:29 SALVAGING VOLUME 536870957. 10/17/2002 09:34:29 root.afs (536870957) updated 10/17/2002 09:25 10/17/2002 09:34:29 Vnode 2 (unique 2): corresponding inode 2 is missing; vnode deleted, vnode mod time=Thu Oct 17 09:25:30 2002 10/17/2002 09:34:29 Vnode 4 (unique 3): corresponding inode 7 is missing; vnode deleted, vnode mod time=Thu Oct 17 09:25:35 2002 10/17/2002 09:34:29 dir vnode 1: invalid entry: ./fmri.nyu.edu (vnode 2, unique 2) 10/17/2002 09:34:29 dir vnode 1: ./fmri.nyu.edu (vnode 2): unique changed from 2 to 0 -- deleted 10/17/2002 09:34:29 dir vnode 1: invalid entry: ./.fmri.nyu.edu (vnode 4, unique 3) 10/17/2002 09:34:29 dir vnode 1: ./.fmri.nyu.edu (vnode 4): unique changed from 3 to 0 -- deleted 10/17/2002 09:34:29 Salvaged root.afs (536870957): 1 files, 2 blocks {KOURA}~: vos listvol koura Total number of volumes on server koura partition /vicepa: 2 root.cell 536870960 RW 4 K On-line **** Could not attach volume 536870957 **** Total volumes onLine 1 ; Total volumes offLine 1 ; Total busy 0 As you can see from the last command, root.cell (which I did not release) is still there, but root.afs is corrupted. Any help/hint on this would be greatly appreciated. Thanks. Ciao, -- Valerio Luccio (212) 998-8736 Center For Neural Science 4 Washington Place, Room 935 New York University New York, NY 10003 "In an open world, who needs windows or gates?" From dwb7@ccmr.cornell.edu Thu Oct 17 10:15:28 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id 66F009CBF for ; Thu, 17 Oct 2002 10:15:28 -0400 (EDT) Received: from domino (RedFyre@domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id KAA06173 for ; Thu, 17 Oct 2002 10:15:27 -0400 Date: Thu, 17 Oct 2002 10:15:27 -0400 From: David Botsch To: port-darwin@openafs.org Message-ID: <20021017141527.GE30806@domino.ccmr.cornell.edu> Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=ISO-8859-1 Content-Disposition: inline X-Mailer: Balsa 1.4.1 Lines: 12 Subject: [OpenAFS-port-darwin] Apple Meeting Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: I remember one of us had Apple coming by and was going to discuss some of the afs issues with them. I'm curious as to what they had to say. -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From jmouille@engin.umich.edu Sun Oct 20 03:45:07 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.engin.umich.edu (smtp.engin.umich.edu [141.213.75.24]) by grand.central.org (Postfix) with ESMTP id 628DD9C24 for ; Sun, 20 Oct 2002 03:45:07 -0400 (EDT) Received: from metadata.local. (pcp02256037pcs.wanarb01.mi.comcast.net [68.41.189.133]) by smtp.engin.umich.edu (8.9.3/8.9.1) with ESMTP id DAA15289 for ; Sun, 20 Oct 2002 03:31:53 -0400 (EDT) Date: Sun, 20 Oct 2002 03:31:25 -0400 Mime-Version: 1.0 (Apple Message framework v543) Content-Type: text/plain; charset=US-ASCII; format=flowed From: Jean-Pierre Mouilleseaux To: port-darwin@openafs.org Content-Transfer-Encoding: 7bit Message-Id: X-Mailer: Apple Mail (2.543) Subject: [OpenAFS-port-darwin] darwin install from source Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: as per thomas' suggestion i am creating a darwinport of openafs. i have lots of questions pertaining to source installs - a simple configure && make all && make install seems to differ greatly from the mac os x package and the darwin binary tree - the source install appears to be missing a great deal of structure of the os x package and the startup item. is there any truth to a rumoured magical script which builds this structure? is there a reason the makefile does not create this structure directly for the darwin host? is the startup item hiding somewhere in the source tree and i have missed it? additionally unless i am lost, make install does not install the config files necessary to configure the afs daemon - is this an oversight or perhaps a separate make target? thank you for your help. regards, jean-pierre From cg2v@andrew.cmu.edu Sun Oct 20 13:32:27 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp7.andrew.cmu.edu (SMTP7.andrew.cmu.edu [128.2.10.87]) by grand.central.org (Postfix) with ESMTP id 52C119C02 for ; Sun, 20 Oct 2002 13:32:27 -0400 (EDT) Received: from endicott (dhcp-7-60.dsl.telerama.com [205.201.7.60]) (user=cg2v mech=KERBEROS_V4 (0 bits)) by smtp7.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g9KHWLBI001164 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NOT) for ; Sun, 20 Oct 2002 13:32:26 -0400 Date: Sun, 20 Oct 2002 13:32:20 -0400 From: Chaskiel M Grundman To: port-darwin@openafs.org Subject: Re: [OpenAFS-port-darwin] darwin install from source Message-ID: <9950000.1035135140@endicott> In-Reply-To: References: Originator-Info: login-id=cg2v; server=cyrus.andrew.cmu.edu; token_authority=postmaster@andrew.cmu.edu X-Mailer: Mulberry/2.1.2 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: it is not 'make install''s purpose to construct something that can be installed into an operating system. make install is structured to create a vaguely gnu-compatible install into a random $(prefix), nothing more. Anything that doesn't fit into that sort of structure (like kernel modules and startup scripts) isn't handled by make install yet. [actually, that's not exactly right. kernel modules are "installed" into ${prefix}/lib/openafs] The startup script is src/afsd/afs.rc.darwin SystemParameters.plist is src/afsd/afs.rc.darwin.plist The script and supporting files used to make the osx packages are in http://cvs.openafs.org/src/packaging/MacOS From hotz@jpl.nasa.gov Mon Oct 21 20:54:06 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from eis-msg-012.jpl.nasa.gov (eis-msg-012.jpl.nasa.gov [137.78.160.40]) by grand.central.org (Postfix) with ESMTP id 8AA729C0D for ; Mon, 21 Oct 2002 20:54:06 -0400 (EDT) Received: from [137.78.212.225] (laphotz.jpl.nasa.gov [137.78.212.225]) by eis-msg-012.jpl.nasa.gov (8.12.1/8.12.1) with ESMTP id g9M0s4Bo017044; Mon, 21 Oct 2002 17:54:04 -0700 (PDT) Mime-Version: 1.0 X-Sender: hotzmail@redhotz.jpl.nasa.gov Message-Id: Date: Mon, 21 Oct 2002 17:54:03 -0700 To: krbdev@mit.edu, port-darwin@openafs.org, arla-drinkers@stacken.kth.se From: "Henry B. Hotz" Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] Re: Kerberos for Macintosh Login Authentication, Help? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: This is really frustrating. With all the documentation on the web it seems like it should be working now. It *almost* works. I've installed a edu.mit.Kerberos file on a just-upgraded OSX 10.2.1 system that didn't have it before. >[machotz:~] hotz% more /Library/Preferences/edu.mit.Kerberos >[libdefaults] > default_realm = JPL.NASA.GOV >[logging] > default = FILE:/KLog >[v4 realms] > JPL.NASA.GOV = { > kdc = eis-fil-afsdb08.jpl.nasa.gov > kdc = eis-fil-afsdb09.jpl.nasa.gov > kdc = eis-fil-afsdb10.jpl.nasa.gov > admin_server = kerberos.jpl.nasa.gov > default_domain = jpl.nasa.gov > string_to_key_type = afs_string_to_key > } >[v4 domain_realm] > .jpl.nasa.gov = JPL.NASA.GOV > jpl.nasa.gov = JPL.NASA.GOV Also modified /etc/authorization as follows: > > system.login.done > > eval > switch_to_user, krb5auth:login > Added group read access to ~/Library/Preferences/ (Do I really need to do this?) >[machotz:~] hotz% ls -ld ~/Library/Preferences/ >drwxr-x--- 94 hotz staff 3196 Oct 21 17:17 /Users/hotz/Library/Preferences/ Now kinit/klist/kdestoy work fine. The Kerberos GUI also works fine. I've restarted the computer and when I log back in klist shows no tickets. I have not installed the Kerberos Extras, but I don't think I need them. What else do I need to do to get the login authenticator to work? Note that kpasswd does not work, and the /KLog file and console log remain bare of any indications of any problem. >[machotz:~] hotz% klist >Kerberos 4 ticket cache: 'Initial default ccache' >Default Principal: hotz@JPL.NASA.GOV >Issued Expires Service Principal >10/21/02 16:24:59 10/22/02 17:51:20 krbtgt.JPL.NASA.GOV@JPL.NASA.GOV > >[machotz:~] hotz% kpasswd >Kerberos Change Password: >Please enter the old password for hotz@JPL.NASA.GOV: >Kerberos Change Password Failed: Principal unknown >Please enter the old password for hotz@JPL.NASA.GOV: kerberos is a CNAME for eis-fil-afsdb08. It's really running a kaserver (hence the v4 and afs key stuff). I'm not trying to put my home directory in AFS space, just gain access to AFS automatically on login. -- The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu From dwb7@ccmr.cornell.edu Mon Oct 21 21:31:24 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id 9AA2E9C0D for ; Mon, 21 Oct 2002 21:31:24 -0400 (EDT) Received: from domino.ccmr.cornell.edu (RedFyre@domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id VAA02740; Mon, 21 Oct 2002 21:31:22 -0400 Received: (from dwb7@localhost) by domino.ccmr.cornell.edu (8.12.3/8.12.3) id g9M1VMTu010106; Mon, 21 Oct 2002 21:31:22 -0400 X-Authentication-Warning: domino.ccmr.cornell.edu: dwb7 set sender to dwb7@ccmr.cornell.edu using -f Date: Mon, 21 Oct 2002 21:31:22 -0400 From: David Botsch To: "Henry B. Hotz" Cc: krbdev@mit.edu, port-darwin@openafs.org, arla-drinkers@stacken.kth.se Message-ID: <20021021213122.A10098@ccmr.cornell.edu> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: ; from hotz@jpl.nasa.gov on Mon, Oct 21, 2002 at 05:54:03PM -0700 Subject: [OpenAFS-port-darwin] Re: Kerberos for Macintosh Login Authentication, Help? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: There is another edit you need to make to /etc/authorization: system.login.console eval loginwindow_builtin:login,krb5auth:authnoverify,loginwin dow_builtin:success This is really frustrating. With all the documentation on the web it > seems like it should be working now. It *almost* works. > > I've installed a edu.mit.Kerberos file on a just-upgraded OSX 10.2.1 > system that didn't have it before. > > >[machotz:~] hotz% more /Library/Preferences/edu.mit.Kerberos > >[libdefaults] > > default_realm = JPL.NASA.GOV > >[logging] > > default = FILE:/KLog > >[v4 realms] > > JPL.NASA.GOV = { > > kdc = eis-fil-afsdb08.jpl.nasa.gov > > kdc = eis-fil-afsdb09.jpl.nasa.gov > > kdc = eis-fil-afsdb10.jpl.nasa.gov > > admin_server = kerberos.jpl.nasa.gov > > default_domain = jpl.nasa.gov > > string_to_key_type = afs_string_to_key > > } > >[v4 domain_realm] > > .jpl.nasa.gov = JPL.NASA.GOV > > jpl.nasa.gov = JPL.NASA.GOV > > Also modified /etc/authorization as follows: > > > > > system.login.done > > > > eval > > switch_to_user, krb5auth:login > > > > Added group read access to ~/Library/Preferences/ (Do I really need > to do this?) > > >[machotz:~] hotz% ls -ld ~/Library/Preferences/ > >drwxr-x--- 94 hotz staff 3196 Oct 21 17:17 /Users/hotz/Library/Preferences/ > > Now kinit/klist/kdestoy work fine. The Kerberos GUI also works fine. > I've restarted the computer and when I log back in klist shows no > tickets. I have not installed the Kerberos Extras, but I don't think > I need them. What else do I need to do to get the login > authenticator to work? > > Note that kpasswd does not work, and the /KLog file and console log > remain bare of any indications of any problem. > > >[machotz:~] hotz% klist > >Kerberos 4 ticket cache: 'Initial default ccache' > >Default Principal: hotz@JPL.NASA.GOV > >Issued Expires Service Principal > >10/21/02 16:24:59 10/22/02 17:51:20 krbtgt.JPL.NASA.GOV@JPL.NASA.GOV > > > >[machotz:~] hotz% kpasswd > >Kerberos Change Password: > >Please enter the old password for hotz@JPL.NASA.GOV: > >Kerberos Change Password Failed: Principal unknown > >Please enter the old password for hotz@JPL.NASA.GOV: > > kerberos is a CNAME for eis-fil-afsdb08. It's really running a > kaserver (hence the v4 and afs key stuff). I'm not trying to put my > home directory in AFS space, just gain access to AFS automatically on > login. > -- > The opinions expressed in this message are mine, > not those of Caltech, JPL, NASA, or the US Government. > Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From ragge@nada.kth.se Mon Oct 21 21:34:01 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.nada.kth.se (smtp.nada.kth.se [130.237.222.232]) by grand.central.org (Postfix) with ESMTP id 5996E9C0D for ; Mon, 21 Oct 2002 21:34:01 -0400 (EDT) X-Authentication-Info: Sender authentication was Received: from localhost (dyna225-140.nada.kth.se [130.237.225.140]) (authenticated bits=0) by smtp.nada.kth.se (8.12.1/8.12.1) with ESMTP id g9M1XtV7013735; Tue, 22 Oct 2002 03:33:57 +0200 (MEST) Date: Tue, 22 Oct 2002 03:33:49 +0200 From: Ragnar Sundblad To: "Henry B. Hotz" , krbdev@mit.edu, port-darwin@openafs.org, arla-drinkers@stacken.kth.se Subject: Re: [OpenAFS-port-darwin] Re: Kerberos for Macintosh Login Authentication, Help? Message-ID: <395179818.1035257629@rp2> In-Reply-To: References: X-Mailer: Mulberry/2.2.1 (Win32) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --On den 21 oktober 2002 17:54 -0700 "Henry B. Hotz" wrote: > Also modified /etc/authorization as follows: > >> >> system.login.done >> >> eval >> switch_to_user, krb5auth:login >> We don't have a space between "switch_to_user," and "krb5auth:login", that could be your console login problem. > Added group read access to ~/Library/Preferences/ (Do I really need to > do this?) If you have your home directory in AFS and don't use any of the loginLogout plugins to get you to token at console login time, you have to to use your own prefs for the Dock and other apps that are started at login time. I prefer not doing that since all kinds of prefs go there and it is not sure that the user really wants them all to be world readable. (See list port-darwin@openafs.org, 1:13 PM -0700 Alexei Kosut for a loginLogout plugin.) Don't know enough about the kpasswd/ka server stuff to say anything, I am sure someone else knows. /ragge From smcguire@MIT.EDU Mon Oct 21 21:34:26 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by grand.central.org (Postfix) with ESMTP id CEDED9C0D for ; Mon, 21 Oct 2002 21:34:25 -0400 (EDT) Received: from central-city-carrier-station.mit.edu (CENTRAL-CITY-CARRIER-STATION.MIT.EDU [18.7.7.72]) by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id VAA05062; Mon, 21 Oct 2002 21:34:23 -0400 (EDT) Received: from melbourne-city-street.mit.edu (MELBOURNE-CITY-STREET.MIT.EDU [18.7.21.86]) by central-city-carrier-station.mit.edu (8.9.2/8.9.2) with ESMTP id VAA17095; Mon, 21 Oct 2002 21:34:23 -0400 (EDT) Received: from [66.30.192.91] (beaglescout.ne.client2.attbi.com [66.30.192.91]) by melbourne-city-street.mit.edu (8.9.2/8.9.2) with ESMTP id VAA00552; Mon, 21 Oct 2002 21:34:22 -0400 (EDT) Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Mon, 21 Oct 2002 21:34:16 -0400 To: "Henry B. Hotz" , krbdev@MIT.EDU, port-darwin@openafs.org, arla-drinkers@stacken.kth.se From: Scott McGuire Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] Re: Kerberos for Macintosh Login Authentication, Help? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 5:54 PM -0700 10/21/02, Henry B. Hotz wrote: >Also modified /etc/authorization as follows: > >> >> system.login.done >> >> eval >> switch_to_user, krb5auth:login >> > >Now kinit/klist/kdestoy work fine. The Kerberos GUI also works >fine. I've restarted the computer and when I log back in klist shows >no tickets. I have not installed the Kerberos Extras, but I don't >think I need them. What else do I need to do to get the login >authenticator to work? I can help with this part of your questions. The originally published Apple documentation for the authenticator had a typo in it. You need to eliminate the space between "switch_to_user" and "krb5auth:login", that is, the line should read: switch_to_user,krb5auth:login You should re-read and check your changes against the current version of the "Mac OS X 10.2: How to Enable Kerberos Authentication for Login Window" document, which has had a few problems corrected since it was first released: but removing the space should allow getting Kerberos tickets as a side effect of logging in. -- Scott McGuire / smcguire@mit.edu MIT Information Systems Macintosh Developer From hotz@jpl.nasa.gov Tue Oct 22 16:07:54 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from eis-msg-012.jpl.nasa.gov (eis-msg-012.jpl.nasa.gov [137.78.160.40]) by grand.central.org (Postfix) with ESMTP id 8D7B69C15 for ; Tue, 22 Oct 2002 16:07:54 -0400 (EDT) Received: from [137.78.212.249] (dhcp-78-212-249.jpl.nasa.gov [137.78.212.249]) by eis-msg-012.jpl.nasa.gov (8.12.1/8.12.1) with ESMTP id g9MK7hBo018526; Tue, 22 Oct 2002 13:07:43 -0700 (PDT) Mime-Version: 1.0 X-Sender: hotzmail@redhotz.jpl.nasa.gov Message-Id: In-Reply-To: <20021021213122.A10098@ccmr.cornell.edu> References: <20021021213122.A10098@ccmr.cornell.edu> Date: Tue, 22 Oct 2002 13:07:41 -0700 To: David Botsch From: "Henry B. Hotz" Cc: krbdev@mit.edu, port-darwin@openafs.org, arla-drinkers@stacken.kth.se Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] Re: Kerberos for Macintosh Login Authentication, Help? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 9:31 PM -0400 10/21/02, David Botsch wrote: >There is another edit you need to make to /etc/authorization: > > system.login.console > > eval > >loginwindow_builtin:login,krb5auth:authnoverify,loginwindow_builtin:success > >the edit you put in only gets you kerberos tickets when loggin in but does not >actually authenticate you against kerberos. I don't want login dependent on having a network connection, much less having the server running properly. I just want to get a ticket if it's possible. Do I still need to do the extra edit? My interpretation of the web pages was that I didn't need it for my loose dependence. I think I'm asking a real dumb, newby type question. If the built-in KfM stuff weren't so new I'd feel really stupid. Maybe. Thanks for responding! On Mon, Oct 21, 2002 at 05:54:03PM -0700, Henry B. Hotz wrote: > This is really frustrating. With all the documentation on the web it > seems like it should be working now. It *almost* works. > > I've installed a edu.mit.Kerberos file on a just-upgraded OSX 10.2.1 > system that didn't have it before. > > >[machotz:~] hotz% more /Library/Preferences/edu.mit.Kerberos > >[libdefaults] > > default_realm = JPL.NASA.GOV > >[logging] > > default = FILE:/KLog > >[v4 realms] > > JPL.NASA.GOV = { > > kdc = eis-fil-afsdb08.jpl.nasa.gov > > kdc = eis-fil-afsdb09.jpl.nasa.gov > > kdc = eis-fil-afsdb10.jpl.nasa.gov > > admin_server = kerberos.jpl.nasa.gov > > default_domain = jpl.nasa.gov > > string_to_key_type = afs_string_to_key > > } > >[v4 domain_realm] > > .jpl.nasa.gov = JPL.NASA.GOV > > jpl.nasa.gov = JPL.NASA.GOV > > Also modified /etc/authorization as follows: > > > > > system.login.done > > > > eval > > switch_to_user, krb5auth:login > > > > Added group read access to ~/Library/Preferences/ (Do I really need > to do this?) > > >[machotz:~] hotz% ls -ld ~/Library/Preferences/ > >drwxr-x--- 94 hotz staff 3196 Oct 21 17:17 >/Users/hotz/Library/Preferences/ > > Now kinit/klist/kdestoy work fine. The Kerberos GUI also works fine. > I've restarted the computer and when I log back in klist shows no > tickets. I have not installed the Kerberos Extras, but I don't think > I need them. What else do I need to do to get the login > authenticator to work? > > Note that kpasswd does not work, and the /KLog file and console log > remain bare of any indications of any problem. > > >[machotz:~] hotz% klist > >Kerberos 4 ticket cache: 'Initial default ccache' > >Default Principal: hotz@JPL.NASA.GOV > >Issued Expires Service Principal > >10/21/02 16:24:59 10/22/02 17:51:20 krbtgt.JPL.NASA.GOV@JPL.NASA.GOV > > > >[machotz:~] hotz% kpasswd > >Kerberos Change Password: > >Please enter the old password for hotz@JPL.NASA.GOV: > >Kerberos Change Password Failed: Principal unknown > >Please enter the old password for hotz@JPL.NASA.GOV: > > kerberos is a CNAME for eis-fil-afsdb08. It's really running a > kaserver (hence the v4 and afs key stuff). I'm not trying to put my > home directory in AFS space, just gain access to AFS automatically on > login. > -- > The opinions expressed in this message are mine, > not those of Caltech, JPL, NASA, or the US Government. > Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu -- The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu From arosenbl@mac.com Tue Oct 22 16:12:47 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtpout.mac.com (smtpout.mac.com [204.179.120.86]) by grand.central.org (Postfix) with ESMTP id 85F6A9C15 for ; Tue, 22 Oct 2002 16:12:47 -0400 (EDT) Received: from asmtp01.mac.com (asmtp01-qfe3 [10.13.10.65]) by smtpout.mac.com (Xserve/MantshX 2.0) with ESMTP id g9MKCklC021273 for ; Tue, 22 Oct 2002 13:12:46 -0700 (PDT) Received: from mac.com ([166.90.245.14]) by asmtp01.mac.com (Netscape Messaging Server 4.15) with ESMTP id H4EG5A00.Q3Y; Tue, 22 Oct 2002 13:12:46 -0700 Date: Tue, 22 Oct 2002 16:12:45 -0400 Subject: Re: [OpenAFS-port-darwin] Re: Kerberos for Macintosh Login Authentication, Help? Content-Type: text/plain; delsp=yes; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v546) Cc: port-darwin@openafs.org To: "Henry B. Hotz" From: Aaron Rosenblum In-Reply-To: Message-Id: Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.546) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: No, you do not need the extra edit if all you want to do is get tickets as a side effect of logging in. Please note, however, that you must have a local username and password that match your kerberos username/password for this to work. Hope this helps. Aaron On Tuesday, October 22, 2002, at 04:07 PM, Henry B. Hotz wrote: > At 9:31 PM -0400 10/21/02, David Botsch wrote: >> There is another edit you need to make to /etc/authorization: >> >> system.login.console >> >> eval >> loginwindow_builtin:login,krb5auth:authnoverify,loginwindow_bu >> iltin:success> >> >> the edit you put in only gets you kerberos tickets when loggin in but >> does not >> actually authenticate you against kerberos. > > I don't want login dependent on having a network connection, much less > having the server running properly. I just want to get a ticket if > it's possible. > > Do I still need to do the extra edit? My interpretation of the web > pages was that I didn't need it for my loose dependence. > > I think I'm asking a real dumb, newby type question. If the built-in > KfM stuff weren't so new I'd feel really stupid. Maybe. > > Thanks for responding! > > On Mon, Oct 21, 2002 at 05:54:03PM -0700, Henry B. Hotz wrote: >> This is really frustrating. With all the documentation on the web it >> seems like it should be working now. It *almost* works. >> >> I've installed a edu.mit.Kerberos file on a just-upgraded OSX 10.2.1 >> system that didn't have it before. >> >> >[machotz:~] hotz% more /Library/Preferences/edu.mit.Kerberos >> >[libdefaults] >> > default_realm = JPL.NASA.GOV >> >[logging] >> > default = FILE:/KLog >> >[v4 realms] >> > JPL.NASA.GOV = { >> > kdc = eis-fil-afsdb08.jpl.nasa.gov >> > kdc = eis-fil-afsdb09.jpl.nasa.gov >> > kdc = eis-fil-afsdb10.jpl.nasa.gov >> > admin_server = kerberos.jpl.nasa.gov >> > default_domain = jpl.nasa.gov >> > string_to_key_type = afs_string_to_key >> > } >> >[v4 domain_realm] >> > .jpl.nasa.gov = JPL.NASA.GOV >> > jpl.nasa.gov = JPL.NASA.GOV >> >> Also modified /etc/authorization as follows: >> >> > >> > system.login.done >> > >> > eval >> > switch_to_user, krb5auth:login >> > >> >> Added group read access to ~/Library/Preferences/ (Do I really need >> to do this?) >> >> >[machotz:~] hotz% ls -ld ~/Library/Preferences/ >> >drwxr-x--- 94 hotz staff 3196 Oct 21 17:17 >> /Users/hotz/Library/Preferences/ >> >> Now kinit/klist/kdestoy work fine. The Kerberos GUI also works fine. >> I've restarted the computer and when I log back in klist shows no >> tickets. I have not installed the Kerberos Extras, but I don't think >> I need them. What else do I need to do to get the login >> authenticator to work? >> >> Note that kpasswd does not work, and the /KLog file and console log >> remain bare of any indications of any problem. >> >> >[machotz:~] hotz% klist >> >Kerberos 4 ticket cache: 'Initial default ccache' >> >Default Principal: hotz@JPL.NASA.GOV >> >Issued Expires Service Principal >> >10/21/02 16:24:59 10/22/02 17:51:20 >> krbtgt.JPL.NASA.GOV@JPL.NASA.GOV >> > >> >[machotz:~] hotz% kpasswd >> >Kerberos Change Password: >> >Please enter the old password for hotz@JPL.NASA.GOV: >> >Kerberos Change Password Failed: Principal unknown >> >Please enter the old password for hotz@JPL.NASA.GOV: >> >> kerberos is a CNAME for eis-fil-afsdb08. It's really running a >> kaserver (hence the v4 and afs key stuff). I'm not trying to put my >> home directory in AFS space, just gain access to AFS automatically on >> login. >> -- >> The opinions expressed in this message are mine, >> not those of Caltech, JPL, NASA, or the US Government. >> Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu > > -- > The opinions expressed in this message are mine, > not those of Caltech, JPL, NASA, or the US Government. > Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin From hotz@jpl.nasa.gov Tue Oct 22 17:23:01 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from eis-msg-012.jpl.nasa.gov (eis-msg-012.jpl.nasa.gov [137.78.160.40]) by grand.central.org (Postfix) with ESMTP id 0F6CB9C0C for ; Tue, 22 Oct 2002 17:23:01 -0400 (EDT) Received: from [137.78.212.249] (laphotz.jpl.nasa.gov [137.78.212.225]) by eis-msg-012.jpl.nasa.gov (8.12.1/8.12.1) with ESMTP id g9MLMwBo004550; Tue, 22 Oct 2002 14:22:58 -0700 (PDT) Mime-Version: 1.0 X-Sender: hotzmail@redhotz.jpl.nasa.gov Message-Id: In-Reply-To: <20021022160107.3B04B9D1D@grand.central.org> References: <20021022160107.3B04B9D1D@grand.central.org> Date: Tue, 22 Oct 2002 14:22:57 -0700 To: Scott McGuire , Ragnar Sundblad , David Botsch From: "Henry B. Hotz" Cc: port-darwin@openafs.org, arla-drinkers@stacken.kth.se, krbdev@MIT.EDU Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] Thanks, was: Kerberos for Macintosh Login Authentication, Help? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: The problem was the space after the comma in /etc/authorization. Deleting it made everything work. (I was working from an old printout of the Apple instructions.) Many thanks for the help! Now, on to connecting to AFS. . . -- The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu From dwb7@ccmr.cornell.edu Tue Oct 22 17:27:53 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by grand.central.org (Postfix) with ESMTP id 74A869C15 for ; Tue, 22 Oct 2002 17:27:53 -0400 (EDT) Received: from domino (RedFyre@domino.ccmr.cornell.edu [128.84.231.91]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id RAA25382; Tue, 22 Oct 2002 17:27:49 -0400 Date: Tue, 22 Oct 2002 17:27:49 -0400 From: David Botsch To: "Henry B. Hotz" Cc: David Botsch , krbdev@mit.edu, port-darwin@openafs.org, arla-drinkers@stacken.kth.se Message-ID: <20021022212749.GG12265@domino.ccmr.cornell.edu> References: <20021021213122.A10098@ccmr.cornell.edu> Mime-Version: 1.0 Content-Type: text/plain; format=flowed; charset=ISO-8859-1 Content-Disposition: inline In-Reply-To: ; from hotz@jpl.nasa.gov on Tue, Oct 22, 2002 at 16:07:41 -0400 X-Mailer: Balsa 1.4.1 Lines: 123 Subject: [OpenAFS-port-darwin] Re: Kerberos for Macintosh Login Authentication, Help? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Ok. Then, the user must exist locally, but I believe the username will need to be the same as that on the kerberos server (and your edu.mit.Kerberos must be set up correctly). You don't need the edit I suggested, just the system.login.done one which will get you tickets after logging in. On 2002.10.22 16:07 Henry B. Hotz wrote: > At 9:31 PM -0400 10/21/02, David Botsch wrote: >> There is another edit you need to make to /etc/authorization: >> >> system.login.console >> >> eval >> >> loginwindow_builtin:login,krb5auth:authnoverify,loginwindow_builtin:success> >> >> the edit you put in only gets you kerberos tickets when loggin in >> but does not >> actually authenticate you against kerberos. > > I don't want login dependent on having a network connection, much > less having the server running properly. I just want to get a ticket > if it's possible. > > Do I still need to do the extra edit? My interpretation of the web > pages was that I didn't need it for my loose dependence. > > I think I'm asking a real dumb, newby type question. If the built-in > KfM stuff weren't so new I'd feel really stupid. Maybe. > > Thanks for responding! > > On Mon, Oct 21, 2002 at 05:54:03PM -0700, Henry B. Hotz wrote: >> This is really frustrating. With all the documentation on the web >> it >> seems like it should be working now. It *almost* works. >> >> I've installed a edu.mit.Kerberos file on a just-upgraded OSX 10.2.1 >> system that didn't have it before. >> >> >[machotz:~] hotz% more /Library/Preferences/edu.mit.Kerberos >> >[libdefaults] >> > default_realm = JPL.NASA.GOV >> >[logging] >> > default = FILE:/KLog >> >[v4 realms] >> > JPL.NASA.GOV = { >> > kdc = eis-fil-afsdb08.jpl.nasa.gov >> > kdc = eis-fil-afsdb09.jpl.nasa.gov >> > kdc = eis-fil-afsdb10.jpl.nasa.gov >> > admin_server = kerberos.jpl.nasa.gov >> > default_domain = jpl.nasa.gov >> > string_to_key_type = afs_string_to_key >> > } >> >[v4 domain_realm] >> > .jpl.nasa.gov = JPL.NASA.GOV >> > jpl.nasa.gov = JPL.NASA.GOV >> >> Also modified /etc/authorization as follows: >> >> > >> > system.login.done >> > >> > eval >> > switch_to_user, krb5auth:login >> > >> >> Added group read access to ~/Library/Preferences/ (Do I really need >> to do this?) >> >> >[machotz:~] hotz% ls -ld ~/Library/Preferences/ >> >drwxr-x--- 94 hotz staff 3196 Oct 21 17:17 >> /Users/hotz/Library/Preferences/ >> >> Now kinit/klist/kdestoy work fine. The Kerberos GUI also works >> fine. >> I've restarted the computer and when I log back in klist shows no >> tickets. I have not installed the Kerberos Extras, but I don't >> think >> I need them. What else do I need to do to get the login >> authenticator to work? >> >> Note that kpasswd does not work, and the /KLog file and console log >> remain bare of any indications of any problem. >> >> >[machotz:~] hotz% klist >> >Kerberos 4 ticket cache: 'Initial default ccache' >> >Default Principal: hotz@JPL.NASA.GOV >> >Issued Expires Service Principal >> >10/21/02 16:24:59 10/22/02 17:51:20 >> krbtgt.JPL.NASA.GOV@JPL.NASA.GOV >> > >> >[machotz:~] hotz% kpasswd >> >Kerberos Change Password: >> >Please enter the old password for hotz@JPL.NASA.GOV: >> >Kerberos Change Password Failed: Principal unknown >> >Please enter the old password for hotz@JPL.NASA.GOV: >> >> kerberos is a CNAME for eis-fil-afsdb08. It's really running a >> kaserver (hence the v4 and afs key stuff). I'm not trying to put my >> home directory in AFS space, just gain access to AFS automatically >> on >> login. >> -- >> The opinions expressed in this message are mine, >> not those of Caltech, JPL, NASA, or the US Government. >> Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu > >-- > The opinions expressed in this message are mine, > not those of Caltech, JPL, NASA, or the US Government. > Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility dwb7@ccmr.cornell.edu ******************************** From hotz@jpl.nasa.gov Wed Oct 23 13:10:48 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from eis-msg-012.jpl.nasa.gov (eis-msg-012.jpl.nasa.gov [137.78.160.40]) by grand.central.org (Postfix) with ESMTP id 544C29C0A for ; Wed, 23 Oct 2002 13:10:48 -0400 (EDT) Received: from [137.78.212.249] (laphotz.jpl.nasa.gov [137.78.212.225]) by eis-msg-012.jpl.nasa.gov (8.12.1/8.12.1) with ESMTP id g9NHAkBo006519; Wed, 23 Oct 2002 10:10:46 -0700 (PDT) Mime-Version: 1.0 X-Sender: hotzmail@redhotz.jpl.nasa.gov Message-Id: In-Reply-To: <20021022212749.GG12265@domino.ccmr.cornell.edu> References: <20021021213122.A10098@ccmr.cornell.edu> <20021022212749.GG12265@domino.ccmr.cornell.edu> Date: Wed, 23 Oct 2002 10:10:46 -0700 To: David Botsch From: "Henry B. Hotz" Cc: David Botsch , krbdev@MIT.EDU, port-darwin@openafs.org, arla-drinkers@stacken.kth.se Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] Re: Kerberos for Macintosh Login Authentication, Help? Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 5:27 PM -0400 10/22/02, David Botsch wrote: >Ok. Then, the user must exist locally, but I believe the username >will need to be the same as that on the kerberos server (and your >edu.mit.Kerberos must be set up correctly). You don't need the edit >I suggested, just the system.login.done one which will get you >tickets after logging in. sudo find -x / -user 501 -exec chown hotz {} \; It wasn't quite that simple, but I did fix the username and UID to match AFS's definitions. Just forgot to mention it. Kerberos seemed to pick up the connection OK. Thanks for checking. -- The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu From bil_hays@unc.edu Thu Oct 24 08:25:45 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp.unc.edu (smtpsrv12.isis.unc.edu [152.2.1.243]) by grand.central.org (Postfix) with ESMTP id DADE39C32 for ; Thu, 24 Oct 2002 08:25:44 -0400 (EDT) Received: from gilgamesh.cs.unc.edu (gilgamesh.cs.unc.edu [152.2.131.71]) (authenticated bits=0) by smtp.unc.edu (8.12.2/8.12.2) with ESMTP id g9OCPVuE027063 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NOT) for ; Thu, 24 Oct 2002 08:25:32 -0400 (EDT) Date: Thu, 24 Oct 2002 08:25:26 -0400 From: bil To: port-darwin@openafs.org Message-ID: <107419204.1035447926@gilgamesh.cs.unc.edu> In-Reply-To: <20021023160103.C8DCA9C45@grand.central.org> References: <20021023160103.C8DCA9C45@grand.central.org> X-Mailer: Mulberry/2.1.1 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #67 - 4 msgs Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Does anyone out there know of a way to get this kind of thing to work without having a local userid? We're trying to figure a way to map afs drives with user accounts to a public machine without having to maintain local accounts (we do this with other unix boxes using NIS for user data and pam, but can't find any solid docs on any of that for osx, and Apple's been little help). bil --On Wednesday, October 23, 2002 12:01 PM -0400 port-darwin-request@openafs.org wrote: > Message: 2 > Date: Tue, 22 Oct 2002 16:12:45 -0400 > Subject: Re: [OpenAFS-port-darwin] Re: Kerberos for Macintosh Login > Authentication, Help? Cc: port-darwin@openafs.org > To: "Henry B. Hotz" > From: Aaron Rosenblum > > No, you do not need the extra edit if all you want to do is get tickets > as a side effect of logging in. Please note, however, that you must > have a local username and password that match your kerberos > username/password for this to work. > > Hope this helps. > > Aaron From jackson@CMU.EDU Thu Oct 24 12:08:40 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtp6.andrew.cmu.edu (SMTP6.andrew.cmu.edu [128.2.10.86]) by grand.central.org (Postfix) with ESMTP id EF8DD9C01 for ; Thu, 24 Oct 2002 12:08:39 -0400 (EDT) Received: from CMU.EDU (TI.WV.CC.cmu.edu [128.2.68.150]) (user=jackson mech=GSSAPI (56 bits)) by smtp6.andrew.cmu.edu (8.12.3.Beta2/8.12.3.Beta2) with ESMTP id g9OG8cQ9031021; Thu, 24 Oct 2002 12:08:39 -0400 Date: Thu, 24 Oct 2002 12:08:42 -0400 Subject: Re: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #67 - 4 msgs Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v546) Cc: port-darwin@openafs.org To: bil From: Joseph Jackson In-Reply-To: <107419204.1035447926@gilgamesh.cs.unc.edu> Message-Id: Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.546) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: If you have account information in LDAP, it's pretty easy to configure Mac OS X to use it. If you really like NIS, there are some good docs on making that work with Mac OS X. Check out http://www.macosxlabs.org/ for more info. The "Documentation" section talks about LDAP and the "References" page points to a good NIS web site. Joe Jackson, Carnegie Mellon University. On Thursday, October 24, 2002, at 08:25 AM, bil wrote: > Does anyone out there know of a way to get this kind of thing to work > without having a local userid? We're trying to figure a way to map afs > drives with user accounts to a public machine without having to > maintain local accounts (we do this with other unix boxes using NIS > for user data and pam, but can't find any solid docs on any of that > for osx, and Apple's been little help). > bil From arosenbl@mac.com Thu Oct 24 12:39:34 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from smtpout.mac.com (smtpout.mac.com [204.179.120.89]) by grand.central.org (Postfix) with ESMTP id DE4879C01 for ; Thu, 24 Oct 2002 12:39:33 -0400 (EDT) Received: from asmtp01.mac.com (asmtp01-qfe3 [10.13.10.65]) by smtpout.mac.com (8.12.2/MantshX 2.0) with ESMTP id g9OGdW5u021810 for ; Thu, 24 Oct 2002 09:39:32 -0700 (PDT) Received: from mac.com ([166.90.245.14]) by asmtp01.mac.com (Netscape Messaging Server 4.15) with ESMTP id H4HVLV00.FOE; Thu, 24 Oct 2002 09:39:31 -0700 Date: Thu, 24 Oct 2002 12:39:30 -0400 Subject: Re: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #67 - 4 msgs Content-Type: text/plain; delsp=yes; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v546) Cc: port-darwin@openafs.org To: bil From: Aaron Rosenblum In-Reply-To: <107419204.1035447926@gilgamesh.cs.unc.edu> Message-Id: <2B4D115E-E76F-11D6-82EE-000393951464@mac.com> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.546) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Make the following modifications to /etc/authorization : replace the 'authinternal' string in the line that looks like loginwindow_builtin:login,authinternal,loginwindow_builtin:succe ss with the string: 'krb5auth:authnoverify' so that it looks like: loginwindow_builtin:login,krb5auth:authnoverify,loginwindow_buil tin:success in the switch_to_user line: add krb5auth:login to the string so that it looks like: switch_to_user,krb5auth:login Save the changes and logout. You will be able to use a kerberos uniquename/password combination to log into the machine so long as the username you are using exists in directory services (local, netinfo, properly configured LDAP, or otherwise) and the password you supply is the correct kerberos password. You will get a TGT upon succesfully logging in. Also, there used to be a freeware wrapper to configure lookupd to use NIS. http://www.versiontracker.com/moreinfo.fcgi?id=9914&db=mac I don't know if it still works... Aaron On Thursday, October 24, 2002, at 08:25 AM, bil wrote: > Does anyone out there know of a way to get this kind of thing to work > without having a local userid? We're trying to figure a way to map afs > drives with user accounts to a public machine without having to > maintain local accounts (we do this with other unix boxes using NIS > for user data and pam, but can't find any solid docs on any of that > for osx, and Apple's been little help). > bil > > > --On Wednesday, October 23, 2002 12:01 PM -0400 > port-darwin-request@openafs.org wrote: > >> Message: 2 >> Date: Tue, 22 Oct 2002 16:12:45 -0400 >> Subject: Re: [OpenAFS-port-darwin] Re: Kerberos for Macintosh Login >> Authentication, Help? Cc: port-darwin@openafs.org >> To: "Henry B. Hotz" >> From: Aaron Rosenblum >> >> No, you do not need the extra edit if all you want to do is get >> tickets >> as a side effect of logging in. Please note, however, that you must >> have a local username and password that match your kerberos >> username/password for this to work. >> >> Hope this helps. >> >> Aaron > > > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin From mbartosh@4am-media.com Thu Oct 24 13:41:51 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from 192.168.2.1 (unknown [216.58.171.31]) by grand.central.org (Postfix) with SMTP id 683E29C01 for ; Thu, 24 Oct 2002 13:41:50 -0400 (EDT) Received: from ppp-216-58-171-31.den1.inet.ricochet.net [216.58.171.31] by 192.168.2.1 (AppleMailServer 10.2.0.0) id 34820 via TCP with SMTP; Thu, 24 Oct 2002 11:43:50 -0600 Date: Thu, 24 Oct 2002 13:43:24 -0400 Subject: Re: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #67 - 4 msgs Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v548) Cc: bil , port-darwin@openafs.org To: Aaron Rosenblum From: Michael Bartosh In-Reply-To: <2B4D115E-E76F-11D6-82EE-000393951464@mac.com> Message-Id: <18665469-E778-11D6-8DEF-000393A9CA68@4am-media.com> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.548) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: On Thursday, October 24, 2002, at 12:39 PM, Aaron Rosenblum wrote: > Also, there used to be a freeware wrapper to configure lookupd to use > NIS. > > http://www.versiontracker.com/moreinfo.fcgi?id=9914&db=mac This no longer works due to the fact that lookupd isn't consulted by loginwindow (it is, instead, a DirectoryService client). http://www.4am-media.com Mac OS X Consulting and Training Michael Bartosh mbartosh@4am-media.com 303.517.0272 Denver, CO "The surest way to corrupt a youth is to instruct him to hold in higher regard those who think alike than those who think differently." - -- Nietzsche Think Different. From editor@umich.edu Fri Nov 1 14:17:42 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from harumscarum.mr.itd.umich.edu (harumscarum.mr.itd.umich.edu [141.211.125.17]) by grand.central.org (Postfix) with ESMTP id 7F3D29BDE for ; Fri, 1 Nov 2002 14:17:42 -0500 (EST) Received: from umich.edu (dynamic231-219.staff.itd.umich.edu [141.213.231.219]) by harumscarum.mr.itd.umich.edu (8.9.3/3.3s) with ESMTP id OAA02506 for ; Fri, 1 Nov 2002 14:17:41 -0500 (EST) Date: Fri, 1 Nov 2002 14:17:41 -0500 Mime-Version: 1.0 (Apple Message framework v546) Content-Type: text/plain; charset=US-ASCII; format=flowed From: Patrick M McNeal To: port-darwin@openafs.org Content-Transfer-Encoding: 7bit Message-Id: <97590F84-EDCE-11D6-B662-000393104238@umich.edu> X-Mailer: Apple Mail (2.546) Subject: [OpenAFS-port-darwin] Removing AFS Desktop Icon Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Is there a way to prevent the AFS network icon from appearing on the desktop and/or in "/Network" when using the finder? I've tried using the .hidden file, but it doesn't work with network drives. I still want to have other network volumes appear on the desktop, so I can't turn off "Show connected servers" in finder's preferences. Thanks --Patrick From hotz@jpl.nasa.gov Sun Nov 3 19:17:10 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from eis-msg-012.jpl.nasa.gov (eis-msg-012.jpl.nasa.gov [137.78.160.40]) by grand.central.org (Postfix) with ESMTP id B6DDE9BDD for ; Sun, 3 Nov 2002 19:17:09 -0500 (EST) Received: from [137.78.212.225] (laphotz.jpl.nasa.gov [137.78.212.225]) by eis-msg-012.jpl.nasa.gov (8.12.1/8.12.1) with ESMTP id gA40H7Bo014841; Sun, 3 Nov 2002 16:17:07 -0800 (PST) Mime-Version: 1.0 X-Sender: hotzmail@redhotz.jpl.nasa.gov Message-Id: In-Reply-To: <20021102170104.CB6739C29@grand.central.org> References: <20021102170104.CB6739C29@grand.central.org> Date: Sun, 3 Nov 2002 16:17:05 -0800 To: port-darwin@openafs.org From: "Henry B. Hotz" Cc: Patrick M McNeal Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #70 - 1 msg Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 12:01 PM -0500 11/2/02, Patrick M McNeal wrote: >Date: Fri, 1 Nov 2002 14:17:41 -0500 >From: Patrick M McNeal >To: port-darwin@openafs.org >Subject: [OpenAFS-port-darwin] Removing AFS Desktop Icon > >Is there a way to prevent the AFS network icon from appearing on the >desktop and/or in "/Network" when using the finder? > >I've tried using the .hidden file, but it doesn't work with network >drives. > >I still want to have other network volumes appear on the desktop, so I >can't turn off "Show connected servers" in finder's preferences. > >Thanks > >--Patrick Finder->Preferences: Uncheck the "Connected Servers" box. -- The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu From ssen@MIT.EDU Sun Nov 3 19:24:22 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by grand.central.org (Postfix) with ESMTP id 5AC2B9BDD for ; Sun, 3 Nov 2002 19:24:22 -0500 (EST) Received: from central-city-carrier-station.mit.edu (CENTRAL-CITY-CARRIER-STATION.MIT.EDU [18.7.7.72]) by pacific-carrier-annex.mit.edu (8.9.2/8.9.2) with ESMTP id TAA10739; Sun, 3 Nov 2002 19:24:18 -0500 (EST) Received: from melbourne-city-street.mit.edu (MELBOURNE-CITY-STREET.MIT.EDU [18.7.21.86]) by central-city-carrier-station.mit.edu (8.9.2/8.9.2) with ESMTP id TAA05826; Sun, 3 Nov 2002 19:24:18 -0500 (EST) Received: from mit.edu (h004005b85d94.ne.client2.attbi.com [65.96.164.24]) by melbourne-city-street.mit.edu (8.9.2/8.9.2) with ESMTP id TAA17080; Sun, 3 Nov 2002 19:24:17 -0500 (EST) Date: Sun, 3 Nov 2002 19:24:24 -0500 Subject: Re: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #70 - 1 msg Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v548) Cc: port-darwin@openafs.org, Patrick M McNeal To: "Henry B. Hotz" From: Shantonu Sen In-Reply-To: Message-Id: Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.548) Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Did you read Patrick's e-mail? He explicitly says this is not an option. Shantonu On Sunday, November 3, 2002, at 07:17 PM, Henry B. Hotz wrote: > At 12:01 PM -0500 11/2/02, Patrick M McNeal wrote: >> I still want to have other network volumes appear on the desktop, so I >> can't turn off "Show connected servers" in finder's preferences. > > Finder->Preferences: Uncheck the "Connected Servers" box. > -- > The opinions expressed in this message are mine, > not those of Caltech, JPL, NASA, or the US Government. > Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu > _______________________________________________ > port-darwin mailing list > port-darwin@openafs.org > https://lists.openafs.org/mailman/listinfo/port-darwin From hotz@jpl.nasa.gov Sun Nov 3 19:38:12 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from eis-msg-012.jpl.nasa.gov (eis-msg-012.jpl.nasa.gov [137.78.160.40]) by grand.central.org (Postfix) with ESMTP id 3442E9C34 for ; Sun, 3 Nov 2002 19:38:12 -0500 (EST) Received: from [137.78.212.225] (laphotz.jpl.nasa.gov [137.78.212.225]) by eis-msg-012.jpl.nasa.gov (8.12.1/8.12.1) with ESMTP id gA40c9Bo016125; Sun, 3 Nov 2002 16:38:09 -0800 (PST) Mime-Version: 1.0 X-Sender: hotzmail@redhotz.jpl.nasa.gov Message-Id: In-Reply-To: References: Date: Sun, 3 Nov 2002 16:38:07 -0800 To: Shantonu Sen From: "Henry B. Hotz" Subject: Re: [OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #70 - 1 msg Cc: port-darwin@openafs.org, Patrick M McNeal Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 7:24 PM -0500 11/3/02, Shantonu Sen wrote: >Did you read Patrick's e-mail? He explicitly says this is not an option. > >Shantonu > >On Sunday, November 3, 2002, at 07:17 PM, Henry B. Hotz wrote: > >>At 12:01 PM -0500 11/2/02, Patrick M McNeal wrote: >>>I still want to have other network volumes appear on the desktop, so I >>>can't turn off "Show connected servers" in finder's preferences. >> >>Finder->Preferences: Uncheck the "Connected Servers" box. Oops. I guess not. Sorry. -- The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu From hotz@jpl.nasa.gov Fri Nov 8 16:23:18 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from eis-msg-012.jpl.nasa.gov (eis-msg-012.jpl.nasa.gov [137.78.160.40]) by grand.central.org (Postfix) with ESMTP id E0AE99BDC; Fri, 8 Nov 2002 16:23:17 -0500 (EST) Received: from [137.78.212.245] (laphotz.jpl.nasa.gov [137.78.212.225]) by eis-msg-012.jpl.nasa.gov (8.12.1/8.12.1) with ESMTP id gA8LNCBo028526; Fri, 8 Nov 2002 13:23:13 -0800 (PST) Mime-Version: 1.0 X-Sender: hotzmail@redhotz.jpl.nasa.gov Message-Id: In-Reply-To: <1036710445.30362.55.camel@balcsi> References: <20021031170103.0525F9C2F@grand.central.org> <1036329524.12681.46.camel@balcsi> <1036443284.12705.147.camel@balcsi> <1036483691.12681.207.camel@balcsi> <1036710445.30362.55.camel@balcsi> Date: Fri, 8 Nov 2002 13:20:42 -0800 To: Balazs GAL From: "Henry B. Hotz" Cc: openafs-info@openafs.org, pam-krb5@rit.bme.hu, port-darwin@openafs.org, unix-porting@lists.apple.com, jpl-sysadmin@list.jpl.nasa.gov, Alan B Stepakoff Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] AFS and pam-krb5 for OSX, summary Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: Please do not reply to all the lists on this email. In particular I want to move further discussion off of openafs-info. CURRENTY WORKING STUFF OpenAFS 1.2.7 works on OSX.2 providing the usual unix command line utilities. The built-in kerberos can be configured to work with an AFS kaserver by specifying the kerberos 4 realm and servers as usual and "string_to_key_type = afs_string_to_key" in the [v4 realms] section. The built-in kerberos can be invoked on console login by following the instructions in Apple KnowledgeBase article 107154 and friends. There is a kerberos plug-in at which will automatically load/destroy AFS tokens from kerberos tickets which appears to do what it should. The kerberos GUI in /System/Library/CoreServices appears to work fine with the above plugin. WHAT I'D HELP WITH I have no access to a cell backed with a kerberos V server so I don't know if any of this stuff would work there. sshd and the other unix clients use pam (which the console login doesn't) so they don't get kerberos tickets. I think the aklog plugin would work if we just got a kerberos pam, and we don't need an AFS pam. Balazs GAL and I have been trading email in an attempt to get the Heimdal pam-krb5 working on OSX.2.1. The current hangup is getting the module linked so the pam machinery can load it. I'll post more details on port-darwin@openafs.org and unix-porting@lists.apple.com. The OSX screensaver doesn't refresh the kerberos tickets when you type in your password. Is there something in /etc/authorization that would fix that? The kfm_aklog doesn't create a unique PAG so ssh'ing in while the console has AFS access inherits the token and allows the ssh user to unlog the console. (We've been living with this problem for a long time on other platforms though.) -- The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu From hotz@jpl.nasa.gov Fri Nov 8 16:49:53 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from eis-msg-012.jpl.nasa.gov (eis-msg-012.jpl.nasa.gov [137.78.160.40]) by grand.central.org (Postfix) with ESMTP id 462DD9BDC for ; Fri, 8 Nov 2002 16:49:53 -0500 (EST) Received: from [137.78.212.245] (laphotz.jpl.nasa.gov [137.78.212.225]) by eis-msg-012.jpl.nasa.gov (8.12.1/8.12.1) with ESMTP id gA8LnpBo003685; Fri, 8 Nov 2002 13:49:52 -0800 (PST) Mime-Version: 1.0 X-Sender: hotzmail@redhotz.jpl.nasa.gov Message-Id: In-Reply-To: <1036710445.30362.55.camel@balcsi> References: <20021031170103.0525F9C2F@grand.central.org> <1036329524.12681.46.camel@balcsi> <1036443284.12705.147.camel@balcsi> <1036483691.12681.207.camel@balcsi> <1036710445.30362.55.camel@balcsi> Date: Fri, 8 Nov 2002 13:47:21 -0800 To: Balazs GAL From: "Henry B. Hotz" Cc: port-darwin@openafs.org, pam-krb5@rit.bme.hu Content-Type: text/plain; charset="us-ascii" ; format="flowed" Subject: [OpenAFS-port-darwin] Porting pam-krb5 to OSX, was: Kerberos V and xscreensaver/xlock on openafs-info Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: At 12:07 AM +0100 11/8/02, Balazs GAL wrote: >I think openafs-info is not the right place for discussion >about pam_krb5 so i made a new pam_krb5 list: > >To post to this list, send your email to: > > pam-krb5@rit.bme.hu > >General information about the mailing list is at: > > https://mail.rit.bme.hu/mailman/listinfo/pam-krb5 Not sure we need a new mailing list, but I agree that openafs-info was not the right place to carry the discussion. Anyone with opinions please email me directly and not on the lists. Currently the module http://www.rit.bme.hu/~balsa/pam_krb5/snap/pam_krb5_snap-2002.11.07.tar.gz fails with the following traceback: > #0 0x8fe01280 in halt > #1 0x8fe106b4 in link_in_need_modules > #2 0x8fe12230 in _dyld_link_module > #3 0x900171c8 in NSLinkModule > #4 0x93ef53d0 in _pam_dlopen > #5 0x93ef35e4 in _pam_init_handlers > #6 0x93ef2fd4 in _pam_dispatch > #7 0x93ef3170 in _pam_init_handlers > #8 0x93ef2258 in pam_start > #9 0x0000a9b0 in 0xa9b0 > #10 0x000152f4 in 0x152f4 > #11 0x00014a2c in 0x14a2c > #12 0x000146f4 in 0x146f4 > #13 0x000034cc in 0x34cc > #14 0x000050dc in 0x50dc > #15 0x000027c0 in 0x27c0 > #16 0x00002640 in 0x2640 The link line was: >gcc -r -keep_private_externs -nostdlib -o .libs/pam_krb5.so-master.o >pam_krb5.lo && gcc -bundle -flat_namespace -undefined suppress -o >.libs/pam_krb5.so .libs/pam_krb5.so-master.o -L/usr/local/pam/lib >-lkrb5 -lk5crypto -lcom_err -lpam -lc --version-script=Versions You can look at the configure and make logs at /afs/jpl.nasa.gov/home/h/hotz/public/pam/pam_krb5_snap/ For comparison: the link for one of the modules in the pam-9 package from the Darwin project is: >gcc -arch ppc -g -Os -pipe -Wall >-DAR=/Network/afs/jpl.nasa.gov/home/h/hotz/public/pam/pam-9/ar.sh >-Ddarwin -no-cpp-precomp -I./include >-I/private/tmp/PAM/Build/libpam/include -I/private/tmp/PAM/Build >-I/private/tmp/PAM/Build/libpamc/include -I../pammodutil/include >-DPAM_DYNAMIC -c pam_securetty.c -o dynamic/pam_securetty.o >cc -bundle -arch ppc -g -Os -pipe -Wall >-DAR=/Network/afs/jpl.nasa.gov/home/h/hotz/public/pam/pam-9/ar.sh >-Ddarwin -no-cpp-precomp -I./include >-I/private/tmp/PAM/Build/libpam/include -I/private/tmp/PAM/Build >-I/private/tmp/PAM/Build/libpamc/include -o pam_securetty.so >dynamic/pam_securetty.o -lc -L../pammodutil -lpammodutil >-L/private/tmp/PAM/Build/libpam -lpam I hope someone can help. -- The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu From jmallet@cea.fr Thu Nov 14 12:30:33 2002 Return-Path: Delivered-To: port-darwin@openafs.org Received: from cirse.saclay.cea.fr (cirse.saclay.cea.fr [132.166.192.127]) by grand.central.org (Postfix) with ESMTP id 854139BDC for ; Thu, 14 Nov 2002 12:30:27 -0500 (EST) Received: from araneus.saclay.cea.fr (araneus.saclay.cea.fr [132.166.192.110]) by cirse.saclay.cea.fr (8.12.2/8.12.2/CEAnet-Internet.1.0) with ESMTP id gAEHUQWq028928 for ; Thu, 14 Nov 2002 18:30:26 +0100 (MET) Received: from nenuphar.saclay.cea.fr (unverified) by araneus.saclay.cea.fr (Content Technologies SMTPRS 4.3.1) with ESMTP id for ; Thu, 14 Nov 2002 18:26:22 +0100 Received: from dphdse.saclay.cea.fr (dphdse.saclay.cea.fr [132.166.30.5]) by nenuphar.saclay.cea.fr (8.12.2/8.12.2/CEAnet-Interne.1.0) with ESMTP id gAEHUPIw015334 for ; Thu, 14 Nov 2002 18:30:25 +0100 (MET) Received: from cea.fr (dphmcx.saclay.cea.fr [132.166.35.35]) by dphdse.saclay.cea.fr (8.9.0/8.9.0) with ESMTP id SAA14412 for ; Thu, 14 Nov 2002 18:30:25 +0100 (MET) Date: Thu, 14 Nov 2002 18:30:22 +0100 Mime-Version: 1.0 (Apple Message framework v548) Content-Type: multipart/mixed; boundary=Apple-Mail-13-1005763993 From: jacques Mallet To: port-darwin@openafs.org Message-Id: X-Mailer: Apple Mail (2.548) Subject: [OpenAFS-port-darwin] afs and the macosX file system Sender: port-darwin-admin@openafs.org Errors-To: port-darwin-admin@openafs.org X-BeenThere: port-darwin@openafs.org X-Mailman-Version: 2.0.4 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: OpenAFS port to Darwin and Mac OS X List-Unsubscribe: , List-Archive: --Apple-Mail-13-1005763993 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed Hey all, I run jaguar 1.2.2 and installed OpenAFS 1.2.7 (updated from older afs version) All afs client functionnalies I need work fine but since this installation I cannot mount a volume of any disk image .dmg file. I got the error 95 "no mountable file system" --Apple-Mail-13-1005763993 Content-Disposition: inline; filename=pastedGraphic1.tiff Content-Transfer-Encoding: base64 Content-Type: image/tiff; x-unix-mode=0666; name="pastedGraphic1.tiff" TU0AKgAAJ7aAN2BMyCP+DQeEQmFQuGQ2HQ+IRGJROKRWLReMRmNRuOR2PR+QSGRSOSSWTSeUSmVS uWS2XS+YTGZQmCMyBN2GzWZzueT2fT+gUGhUOiUWjUekUmlUumSCazemy53VOqVSg1WsVGtVuuV2 vV+wWGxWOyUGa1aH1i1Wu1TVd29M3G5XK3ruz2y8Xm9VS5FW/CLACIAADA34q3K94nFXy44bA4PC YDDYjF5XLZfMZnNZvOZ3PZ/QaHRaPSaXTafUanVavWa3Xa/YbHOQ1MzWCWiO1S63WnwKqTe3btd7 iOb+BJkzckZjNmXG6v+Cby4mbl8gzTfiRjjN3k9Tlojwbzo2/wIjljPu9ip2X2e33Qzsv+1e+xfP 6ff8fmiQTBmZmJC4JdqgiSbrq+KOOsTLluaTLoGYvEHQZBQZuskTuvOuS7rWmq5PO7r9ISVURLmu MRFVAcQJ6m8TLIyDnoMuTIRQmsWRSobDQ+hLKHdG0ex9H6MMGETaoXA6EqpGkRN6brFuA8bhvWiq 1LnBbkuaMzoQa5ssy45srmY5MJx2icpriwq/DM5DarjBk2zZNQzMcwEdyMri1PPM4qsewcTTrIDc qwuQiUG+ylrUyE+qmuoI0Y9R3PLRgI0LP6VqowzDO2wMNUpTlOx8yD/P/I7LRM8TbJvVFUyc20DM 4m8xSq5kFH/WdahnWlZVzMEKOq5bNJvQYiPRXs0vRBVi2RY9lV7Ydg0c2TWQ85NVPO89oWvbFstL RERUywC1DvcNI21cloWDTFy3TdV13Zdt3LWhq6xQg7cL3E0l1VfN9QKt8IINeqsVeGYAV25oAVpg 9bVxhda4ITOCOpBQAUdekovlgKBABgdeQoAE049Y5mPRkT/ZHY2NYfXmNYm3y2YrHl/4tgGYYvmm Z5fnGY5srOdKpaTr1Sw1xqnYNwjuwzIXBcVGMgwNWqrEzIUjo1I6fDrqrjSMdxNPeNOXZ9FLe87I aNpQ767YMywmGa1WBQbIMhZ2WqrYLy6pRmn5zmuzalRmjW4VTdLfDSqbvSSppq8+uMAyDyprrrur Uurz0jSLyrxxbBMHc6/LVzLIPPsB3cm5e+gjimdZeqkTUiwLz3Qdyb0jwip6NtFCLZv7B6npYI6e 8sd9lRnaHdw1QOSvHbcZzfcXhnuZehnfpb1m/U+tmvqZ57Hr+r7fve78HtfD6fuej7Pyb383yqqh TL3it95ylsMBbmztNoxgWHVvh+F5E6Ct3/QBf2/t/TEk/EMJuAAIjKFjMmZKbVNKYIIG1gcrCBTL CcH4PO2VxB/D+nJIO5RRh5UUFyaqv0qZ5UZECIOYZF6tC4ouLeQdGJgzDKOgSYNp5hmjEKQwXFvU OYMEHfjDATJgSFLBbkqiJSg4fHLd4HdQUTiKwmbxCgd0NQAQvIgpBRhByamQhuQKFRgzzoBhXBlC ML2omDIVEJy8HRmLBiIxmHUWIeLhiehSID10yFTcaeB4QEUcs1MgTog0QkURFis76GaMIYx3F2Qd oxco6jdjTDRMxgFVKRkXHaIciYWKelIe9UCRFRmJX4/RVCvyBkEdEYsurEmGQAgAlhMB0JcS7f/L ViTxC9l1AAFVkDJoKQTH+mmZKDYIwRgqwOYjT13mehE5WMRflHOvc6WxPK+2yLhKpEs7bgCqRedO /V2rvThC7aMtYrC1UFm3YxJgwbRpYwpPAYFJEHgAImVVFpDU2gqyraGZWgU3k+LdMU4ZwQu5PKpm EYNDUQlEl5jDJJwq4Y0qqdg4adc7VfTvnhMAxUZYMNuCI7CIVE5QT2nQVWg7c6KUKeKuFHdF2CTy HcnmdZ544uxpauGe806iVFqMZ595diCvPlUQJeSqZXDdXxS8vEqzkQDl7LmXMySDJYq5VqXEA6r0 kLXKtYaxZjwSmSf8/1a5lzLgkyRCZ1KnpMqOZUm5gVgr3lgvpn6+4or7piN2JaqnAE3PKYFfbQlG TwscDNVRNVgmQeCcdrLlQI2VG7YmThAo205JsqmnE/iBV/qcW+h9di8yDpcvmw9VCpk3cMitEVil U2fqnPQABclVrBr02+hLgSpmGdCvqMY3bGARsfPCyJBLJwfaBaovdxGvqpc5QOV4zIZJQqAN2RrW i4nbsCvq143WjU/pxXV1pgLlgzg5d276jE6V3vpfW+y/iEG2qW+mpo3a6qTLSVhJZl6rQgf5WCru CVaYKl5Llh51qyNttOLtHGD61VtrakTDVbJmQQY/C5+FsL7lrtMvlO5y73lqTzhK3VrXYT7u1cGc s+bO3SnSHe1K+8WW0FU2medsqNGDUdZwEVDZyFYtxX0bsG5wPzoKYtn+LMjmJoY/O21qqIwYnGYN Hc3VU3bMYw/IVL4l2zX3S9VTrIRngMXOZR118YZgx+QJ3WWip5RnnlO8+bH5yHyVl7M+O86ZBzti PQ2h6iEKVMRnGD9yL4wgOkWORczqS9q5gvTCDdM4JZFVe3koyI4wQ6xHTtbsNq0P/qeZyw0M06Pa z45bkXtMvyYHd9uN3Z37oBTowzwC43Pi3FjIh8acWtO3oqLCli/SXQ1ThFGw6RAzxfcMv07qYYoy aO4mtBSIUZbOYBJbSLgkTnNQ2fTFtnagKplNy2fIsyRn7TSIRhkTRNCJnGetQqZagIPNLO53zwET pwXQt7xwzZbtBsynW6bVPKBFuEv2Uy5NGce8u0GMxEZyKrJ+qXC5+RFlLyErui6mF7VXOvABCC2p PqGXtDh00w6Vf9pfTXNdOIUOod3T+NjE8vOtzlCg/zmam1T0Wt6xEwpsp1ogthN8S1VtLrF5Gc7k cRd3ZjnePKBZZtJZvGgInRY8Ui6bc5VWu7tEQ6tEVmHK7GnwIjK8q2uugOXXXp3UuD5OUbiLlYzO z3y3hRUveZr/FvyvkaiVOohc7pNNcKqwdc2hG6iaxxfZsW37W0zq4EeylU7+BGcRiib7ia8DO66q +NZq7YBG1qq/Pxa67IO8GYtgysyAHd0ykdZDu9V2zt3TPgfBWzsg3aTV9IBVK4PJR2/kJKyVy3qh dTyo4Yigogit+hfXLieg6mvTw4h551BVH0jwXE5ygqY9cIGrD+8Iju3fL7Zn/l/P+l2f3/1st7S3 P+Lmqn/kv08kX3AA/4/+v1AI/40EVQQC/6x0tjAPAe/5ABAk+fAKjmUG/nAHAq/2qhAcXzAm/9Ag uzA3AU5Yy+y4LjAZBFApBIVY/BAxAM/k+FBlBmxYO2VUfcIM5QVctESeRNB9B++SqU8kM6VU/IEQ O6MM3suuO6PKv+MzCKPIPBCQL9CUUG+oDNCbBc/g0Q/m/FBu6bAg4wPKO6UiuPC66pBDDTDVDXAO +NAfDc/xBtA4u7DYX0aKXCPK1rDrAQ9FD3DVDkzOvLDbA7D8X1BpEPEQNSIPCC0iZnATAAVMtyUK fGdVA6SSFUbsaNE0DuPKr5CGZcfXEqu7EvEzE3DwPBE8dEb0fPFZFDFce+fU5UMUfOL3FEMuRNCu 52MXFtESNBFoNFF4vqLlCmCq9+NfF+vq4o6WXfFbFkfREpFfGge9GbGlGrFiPjGtGfGvG3G0ZpGp G5GaIbEZB2tVAFAnDOM9HMIAzF3A4IqoNBIIzIU3YZDYa7ohEYlE4pEYdF4VAoQu4Mqo2u4zF4dF ZJJZNJ5RKZVK5ZLZdL5hMZlM5pNZtN5xOZ1O55PZ9P6BQaFQ6JRaNOo7BIpIqZTadT6hUalU6pVa tV6xWa1W65Xa9X7BYbFY7JZbNZ7RabVa7Zbbdb7hcblc65FKTAzveb1e75fb9f8BgcFg8JhcNh8R icVi8Zjcdj8hkclk8plctl8xmc1m85nc9n9BodFo9JpcXHY7R9Vq9Zrddr9hsdls9ptdtt9xud1u 95S6bJX/weFw+JxeKZuQROVveZzedz+h0el0+p1et1+x2d9TOBxu93+CABmZkR5fB5/R6fV6/Z7f d7/h8fl8/p9ft9/x+f1+/5/f8/8AQDAUBwJAsDQPBEEwU+CnO6+ozEyTLUu1CkKwtC8MQzDUNw5D sPNnBqSPuAESRLD8TxRFMVRXFkWxdF8YJPEKKvvCEIwjGMcx1HceR7H0fyBIJ3RmikRvGjsFyTJU lyZJsnSfKEoylKcqSrK0ryxLMpSIib7gjEoZhnIUxzJMszTPNE0zUmMuIk+8bvKRCAiAO6BQOCQW DQeEQmFQuGQ2HQ+IRGJROKRWLReMRmNRuOR2PR+QSGRSOSSWTSeUSmVSuWS2Kt2YTGYwl/zWbTec TmcpmeKqfS6gUGhUOiUWjUekUmlUumU2nU+oVGFzKqTSdVesTWeJmfKqs1+wWGxWOyWWzWe0Wm1W u2W23W+4XG5XO6XW7Xe8Xm9Xu+X2/X/AYHBWiqTKrW2t12pYvGY3HY/IZHJZPKZXLZekYWZwi34m f5jQaHRaPSaXTafUanVSnNTDD2zPKrV7PabXbbfcbndbvea1u6+17HB8PicXjcfkcnlcvmc3nc/o dHpdPmb7gWrY7ztdvud3vd/weHxO7rZy3dnx+n1ev2e33e/4RTywfOz3P/H8fn9fv+f3/MW+aDPq rifOpA0DwRBMFQXBkGwdB8IQjCTlQCgsBsUyZEQ1DcOQ7D0PxBDb/xHEkSxNE8UIzCqCLeIkXDMn kDF3GatpiZitgAGY7gAAEdgAREeSBH8gyJIcjEzHMbkzGZdjNJytoGv5mSnKZ/yoZidQEvSYq6rq cSpAjZIEtMtQhMqxyisTrpzM6azSvZmJi48ryxK66SnJkJqvJRMyrPUDSmnk/T+4820JFc3tgTIz R4EUZRonkbRxHUeR9IVLyLTEjySnkmSdGCeUTOE7TtNkLS2mEuwKm8wQwd0yVPM1YzRMc1PMrNDV EvE4phOdSSpO5mTzQlWK3QdiOhQM+yxZDi0NP9EVqxFF0aqE