[OpenAFS] Some beginner questions

Derek Atkins warlord@MIT.EDU
15 Oct 2002 10:55:36 -0400 

Andrew Leahy <aleahy@knox.edu> writes:

> Hello,
> 
> I've been reading through the "Quick Beginnings" documentation and have
> a couple of questions about how AFS operates:
> 
> 2. Can non-interactive scripts access AFS space?  For instance, is it
> possible for root or a generic user to run commands from cron which
> access AFS space? I don't see how these scripts would obtain tokens
> without someone manually entering in a password at some point.

Sort of.  You can use (relatively insecure) IP ACLs..  Or you can use
a "keytab" based system (where the server running the long-job stores
a password in a file readable only by root and obtains a token for AFS
using that keytab).

> 1. Can a volume mount point be contained within a subdirectory of
> another volume? In all of the examples covered in the "Quick Beginnings"
> documentation, great care is taken to place a mounted volume immediately
> below the root level of another volume--e.g., in "Storing AFS Binaries
> in AFS", the sequence of commands is:

Yes, a volume mount point can be contained within a subdirectory.

> As far as I can tell, the systemname and systemname.usr volumes don't
> contain anything except other volumes.  Why not just 
> 
> mkdir /afs/.cell/systemname
> mkdir /afs/.cell/systemname/usr
> vos create machine partition systemname.usr.afsws
> fs mkmount -dir /afs/.cell/systemname/usr/afsws -vol sysname.usr.afsws

The reason for this is that you have to clone "volumes", not
"directories".  The deeper your directories, the more of the hierarchy
will be affected every time you release the volume, and the more often
you need to release it because there are more places you can add a
volume.

> Are there good reasons for creating such a hierarchy of empty volumes?
> I'd like to create a set of user volumes which reside in
> /afs/cell/home/employee or /afs/cell/home/student and I'm curious if I
> should create home, home.employee, and home.student volumes as well.

If you just create a 'home' volume with subdirectories of employee and
student, then anytime you add ANY homedir you will have to re-release
the "home volume.  On the other hand, if you have separate volumes for
home.employee and home.student, then you only need to release the
apropriate sub-volume when you add a new homedir.

Granted, this all assumes you use multiple servers and replication,
but there is little reason NOT to do so ;)

> Thanks for your help.
> 
> Andrew Leahy

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available