[OpenAFS] readonly/readwrite

Derek Atkins warlord@MIT.EDU
01 Mar 2001 15:28:39 -0500 

Corey Kovacs <ckovacs@DEPAUW.EDU> writes:

> Whew, so far so good I think...  One more thing before I start mucking about.
> 
> I understand that for things I want the users to see and use, not manipulate, I
> put
> it under the dot path (RW) of the cell (/afs/.cellname/system/usr.X11) then
> release
> root.cell and simlink /afs/.cellname/system/usr.X11 to the appropriate place
> (/usr/X11). I do this by creating a volume for the binaries (usr.X11) and
> mounting it under the dot path of the cellname. Hopefully this is right.

Correct, you would write into the dot-path, /afs/.<cell>/system/usr.X11,
when you want to write (or change) the files on the machine.  This may
involve a temporary symlink on your 'data-writing' machine.  But in
general you do NOT symlink into the dot-path, only the non-dot-path,
/afs/<cell>/system/usr.X11.

> vos create ... usr.X11
> fs mkm /afs/.cellname/usr.X11 usr.X11
> 
> <then after moving the files into place>
> 
> vos release root.cell    < make the binaries available via /afs/cellname/usr.X11
> rm -rf /usr/X11
> ln -s /afs/cellname/usr.X11 /usr/X11    <-- make it appear as though the binaries
>                                                                 are in the "right"
> place.
> 
> Is this correct?

Yes, this is mostly correct.  You will also need to 'vos addsite
... usr.X11' to add RO replication sites for the X11 files, and then
'vos release usr.X11' to release the X11 volume.

Releasing root.cell will only make available changes in the root.cell
volume (namely, new directories and mountpoints).  It will _NOT_ make
available files in newly-mounted volumes (e.g. usr.X11).  For those
volumes, you need to release them individually.

> Now for the user homes, seems I need to create a home volume for
> each person (home.user1, home.user2 ...) and the to make sure they
> were not part of the vos release mechanism mount them under, say
> 
> fs mkm /afs/home/user1 home.user1
> fs mkm /afs/home/user2 home.user2
> ln -s /afs/home /home
> ...

Negative.  ALL VOLUMES are mounted under the dot-name cell.  You cannot
mkmount into /afs/<cell> because /afs/<cell> is a readonly volume!  So,
you _MUST_ use /afs/.<cell> directly.  So, you would:
	fs mkm /afs/<.cell>/home/user1 home.user1
	fs mkm /afs/<.cell>/home/user2 home.user2
	vos release root.cell

Now, so long as you never run 'vos addsite' for home.*, your homedirs
will still be RW, even when accessed through /afs/<cell>

> or is it simply by nature of the home.user1 volume creation in a RW mode that
> I could simply get away with doing this...
> 
> fs mkm /afs/.cellname/home/user1 home.user1
> fs mkm /afs/.cellname/home/user2 home.user2
> ln -s /afs/.cellname/home /home

Negative.  You NEVER reference volumes through the dot-name.  You
_ALWAYS_ reference files through the normal non-dot-name interface
__except__ when trying to write to a replicated volume.  The first two
lines above are correct, because /afs/cellname is replicated.  However
the last line is wrong, because you want to reference homedirs through
the replication.  This means you would:

	ln -s /afs/cellname/home /home

> I keep going back to the home directory thing because I want to keep the
> environment as "normal" for the users as possible. Thats why I want to make
> a sym link to /afs/.cellname/home from /home

Not a problem, a very reasonable thing to do.

> or does it make more sense to do this...
> 
> fs mkm /afs/.cellname/home.user1 home.user1
> fs mkm /afs/.cellname/home.user2 home.user2

No, this would make for a flat hierarcy.  You probably want something
more like:
	fs mkm /afs/.cellname/home/user1 home.user1
	fs mkm /afs/.cellname/home/user2 home.user2

> and then just account for the location in the passwd file like such.
> 
> <passwd entry>
> user1:x:1000:1000:Joe User,,,:/afs/.cellname/home.user1:/bin/bash
> user2:x:1000:1000:Jim User,,,:/afs/.cellname/home.user2:/bin/bash

Again, you always REFERENCE directories through /afs/<cell>, not
/afs/.<cell> ..  So your passwd entries will be:

  user1:x:1000:1000:Joe User,,,:/afs/cellname/home/user1:/bin/bash
  user2:x:1000:1000:Jim User,,,:/afs/cellname/home/user2:/bin/bash

> I guess what I really want to get out of this message is where is the appropriate
> place to put home directories with respect to the
> 
> /afs/.cellname
> and
> /afs/cellname

The best way to think about it is that /afs/cellname is your actual
accessible cell.  All normal user access should happen through
/afs/cellname.  The _ONLY_ time you should use /afs/.cellname is when
a system administrator needs to make a change to a replicated volume,
such as root.cell or usr.X11.  In that case, you have to make the
change in the /afs/.cellname hierarchy and then release the volume so
regular users will see it in the /afs/cellname hierarchy.

Again, "normal" users should never access /afs/.cellname.

> mount points/volumes.
> 
> Again, thanx for all of your help.

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available