[OpenAFS] OpenAFS, Debian, Kerberos and no permissions
Adrian Knoth
adi@drcomp.erfurt.thur.de
Tue, 6 Aug 2002 15:35:23 +0200
Hi,
at home I'm using AFS with the old kaserver, but now I tried to
install the new 1.2.6 with Kerberos5.
I feel it is all more or less right, but I cannot get the required
AFS-permissions to bootstrap the cell.
adi@ppc201:~$ /usr/sbin/kadmin
Authenticating as principal adi/admin@MINET.UNI-JENA.DE with password.
Enter password:
kadmin: GSS-API (or Kerberos) error while initializing kadmin interface
This failes, but the acl-File stats me as admin. Well this was only
the first problem. I log in:
adi@ppc201:~$ klist
Ticket cache: FILE:/tmp/krb5cc_1000
Default principal: adi@MINET.UNI-JENA.DE
Valid starting Expires Service principal
08/06/02 15:33:15 08/07/02 01:33:13 krbtgt/MINET.UNI-JENA.DE@MINET.UNI-JENA.DE
adi@ppc201:~$ aklog
adi@ppc201:~$ tokens
Tokens held by the Cache Manager:
Tokens for afs@minet.uni-jena.de [Expires Aug 7 01:33]
--End of list--
Now I think I'm more or less "online", but at home AFS-IDs are shown for
tokens (they are missing here).
adi@ppc201:~$ bos listusers localhost
SUsers are: adi/admin adi
ppc201:/home/adi# pt_util -m
Ubik Version is: 1237667645.33554432
system:backup 2/0 -205 -204 -204
system:administrators 130/20 -204 -204 -204
adi/admin 1
system:ptsviewers 2/0 -203 -204 -204
system:authuser 2/0 -102 -204 -204
system:anyuser 2/0 -101 -204 -204
But every other action fails:
adi@ppc201:~$ pts listentries
Name ID Owner Creator
pts: Permission denied ; unable to list entries
adi@ppc201:~$ fs sa /afs/ system:anyuser rl
fs: You don't have the required access rights on '/afs/'
and so on. What is wrong? Why does Kerberos fails?
--
mail: adi@thur.de http://adi.thur.de PGP: v2-key via keyserver
Fährst Du rückwärts an den Baum, verkleinert sich der Kofferraum!