[OpenAFS] admin without ADMIN

Othmar Wigger owigger@geo.unizh.ch
Thu, 25 Jul 2002 11:58:06 +0200 (MET DST)


I am trying to set up a new AFS cell from scratch, using
OpenAFS 1.2.5 on Solaris 8. So far I managed to install
a server and a client machine, and they seem to be functional.

The only AFS user I have so far is admin.
Next I want to create some real AFS users.
But it fails:

# klog admin
# pts createuser newuser <uid>
# kas create newuser -admin admin
Creating user newuser  : [ka] caller not authorized

Indeed my admin user is lacking the ADMIN flag:

# kas examine admin -admin admin
Administrator's (admin) Password:
User data for admin
  key (2) cksum is 4046955145, last cpw: Wed Jul 24 19:22:22 2002
  password will never expire.
  An unlimited number of unsuccessful authentications is permitted.
  entry never expires.  Max ticket lifetime 25.00 hours.
  last mod on Tue Jul 23 16:51:13 2002 by <none>
  permit password reuse
I try to give ADMIN privilege to admin, but no success:

# kas setfields admin =ADMIN -admin admin
Administrator's (admin) Password:
kas:setfields: caller not authorized calling KAM_SetFields for admin.

As it seems, admin cannot give itself ADMIN because it has no ADMIN.
It's a chicken-and-egg problem. Any ideas?

Thanks in advance