[OpenAFS] readonly/readwrite

Nathan Rawling nrawling@firedrake.net
Thu, 1 Mar 2001 16:37:00 -0500 (EST) 

> > 2) Administrators who can completely trash your cell, largely without an
> >    audit trail.
> 
> Would better logging from any of the servers help? If so, do you have ideas 
> for what you'd like to see?

It would definitely help. In my past experience, the /usr/afs/logs
directory is largely only useful for the salvager logs. On rare occaison
I've been able to get information out of the kaserver logs that was
vaguely useful.

In the general case there is just not enough logging. 

If someone creates/deletes/moves a volume, I'd like to know what principal
authorized the move. Also, if permission is denied for an operation, I'd
like to have the opportunity to log it.

If someone stops/restarts processes through bos, that might be a nice
thing to log too. 

Overall, I'd like my server processes to have the ability to log
*anything* that happens. But I'd definitely like to be able to log
administrative activity that affects volumes, user accounts, or server
processes.

My guess is that the AFS logging has always been directed towards
diagnosing problems with the code, not auditing malicious
users/admins. I've never had a admin go rogue on me, but it would only
need to happen once.

> > After many years of working on medium size AFS installations at various
> > insitutions and companies, I have had to use the Carneige-Mellon ADM tool,
> > or various home-grown scripts to delegrate administrative authority.
> 
> ADM is nice but needs:
> -64 bit support
> -better documentation (it's been claimed that there is none but I promise 
> you I didn't learn how to set it up by reading the code)
> -general code cleanup

With no offense to the authors, I haven't really liked ADM. Probably this
is the result of my dislike for Scheme. =)

I ran into a *lot* of problems when I tried to migrate from kaserver->krb5
with the ADM server. I eventually ended up running both, which
occaisonally confused my fileservers but was mostly okay.

I definitely agree that improving OpenAFS should take front seat to
ADM. =)

Nathan

--
Nathan Rawling      nrawling@firedrake.net       KC8BOA
"Rome did not create a great empire by having meetings,
   they did it by killing all those who opposed them."