[OpenAFS] Directory layout for new cells

Sam Hartman hartmans@mit.edu
16 Nov 2000 15:29:19 -0500


>>>>> "Kelsang" == Kelsang Wangden <wngdn@src.uchicago.edu> writes:

    Kelsang> Sam Hartman <hartmans@MIT.EDU> wrote:
    >> >>>>> "Derek" == Derek Atkins <warlord@MIT.EDU> writes:
    >> 
    >> 
    Derek> Well, you could: 0) generate ptdb 1) generate root.afs that
    Derek> only contains the new cell 2) generate root.cell 3) start
    Derek> afsd 4) get tokens 5) rebuild root.afs
    >>  As I said earlier, noauth considered harmful.

    Kelsang> Why do you consider it harmful?  It's the recommended way
    Kelsang> to build a new cell.  

Recommended by whom?  Transarc?  Yes, they recommend it because it's
all that the software they ship supports. Also, note that they (I believe)
still recommend using kaserver.  Kerberos4 is a bit dated.

I consider noauth harmful because it is an unnecessary network
exposure that allows anyone who can send packets to your machine to
execute arbitrary AFS requests.  While bos exec exists, this is a
remote root compromise potential.  Even without bos exec, it seems
significant unnecessary effort to go back and revalidate the cell to
make sure that no unauthorized changes happened when you come out of
noauth.

All you need to avoid ever using noauth is a tool to construct a prdb
and to modify it if things get broken.  MIT has such a tool.  Sadly,
it is designed to build against AFS 3.2.  Gary Zacheiss has been
trying to port to OpenAFS but is running into some trouble.  I suspect
he will eventually succeed.
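As an added example (not part of the original post, and not OpenAFS's own tooling), here is a POSIX shell check a cell administrator can run on a server to confirm that nothing is still in the noauth mode discussed above. It assumes the stock layout, where bosserver drops a NoAuth flag file in /usr/afs/local when started with -noauth (or after "bos setauth" disables authentication), and it also scans the process list for server binaries started with -noauth; both inputs are parameters so the check can be exercised on constructed data.

```sh
#!/bin/sh
# Added example: report whether an AFS server is running in noauth mode.
# Indicators checked (assumed from the stock OpenAFS layout):
#   1. the NoAuth flag file bosserver keeps in its local directory
#      (/usr/afs/local/NoAuth on a default install);
#   2. a "-noauth" flag on a running bosserver / database server command line.

# afs_noauth_indicators LOCALDIR PS_OUTPUT
#   LOCALDIR  - the bosserver local directory (e.g. /usr/afs/local)
#   PS_OUTPUT - text of "ps -eo args", one process command line per line
# Prints one line per indicator found. Returns 0 if noauth appears to be
# enabled, 1 if no indicator was found.
afs_noauth_indicators() {
    localdir=$1
    ps_output=$2
    found=1
    if [ -e "$localdir/NoAuth" ]; then
        echo "noauth: flag file present: $localdir/NoAuth"
        found=0
    fi
    # Only consider AFS server processes, and match -noauth as a whole word
    # so an unrelated argument such as -noauthz is not reported.
    matches=$(printf '%s\n' "$ps_output" \
        | grep -E '(bosserver|ptserver|vlserver|kaserver|buserver)' \
        | grep -E '(^|[[:space:]])-noauth([[:space:]]|$)' || true)
    if [ -n "$matches" ]; then
        printf '%s\n' "$matches" | sed 's/^/noauth: server started with -noauth: /'
        found=0
    fi
    return $found
}

# Live check on the current host; AFS_LOCAL_DIR overrides the default path.
afs_noauth_check_host() {
    afs_noauth_indicators "${AFS_LOCAL_DIR:-/usr/afs/local}" "$(ps -eo args 2>/dev/null)"
}
```

Run afs_noauth_check_host on each server as the last step of cell setup, and again whenever the cell has been taken through noauth, so the exposure window described above is closed before the cell is considered live.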