[OpenAFS] Problems with access to /afs

Jacob Gorm Hansen jg@ioi.dk
Fri, 1 Jun 2001 00:55:53 +0200


Hi,

We're trying to run OpenAFS client & server on a debian unstable machine.

We have setup krb5, created principals
paleface
paleface/root
paleface/admin

Set up an AFS cell with afs-newcell, told it to use paleface as the admin user.

bos listusers -localauth HOSTNAME says:
SUsers are: paleface.root paleface 

Client and servers are running.

kinit paleface works fine, so does aklog.
tokens says:

Tokens held by the Cache Manager:

Tokens for afs@ioi.dk [Expires Jun  1 10:14]
   --End of list--
 
- Or, if we try
aklog ioi.dk -k IOI.DK

tokens says:
Tokens held by the Cache Manager:

User's (AFS ID 1) tokens for afs@ioi.dk [Expires Jun  1 10:45]
   --End of list--


But, in any case, when trying to run afs-rootvol we get:
(...questions asked...)
fs sa /afs system:anyuser rl
fs: You don't have the required access rights on '/afs'
Failed: 256

I read about trying to rename the admin user with pts, but everything
I try gives me errors like below:

pts adduser paleface.admin -group system:administratorspts: security object was passed a bad ticket ; unable to add user paleface.admin to group system:administrators 

Please help
-- 
/Jacob
always always avoid redundancy