[OpenAFS] AFS/UNIX attributes, installing AFS piecemeal, and AFS on XFS

Derrick J Brashear shadow@dementia.org
Mon, 23 Jun 2003 23:49:44 -0400 (EDT) 

On Mon, 23 Jun 2003, John Gruenenfelder wrote:

> 1) After reading the sections on how AFS handles UNIX file attributes, I am
> still a little uncertain as to how it behaves.  In particular, some of the
> docs read as though most of the UNIX file attributes are ignored for files,
> since ACLs are at the directory level.
>
> This would be of concern in home directories.  For example, in $HOME/.ssh
> there are files which must be readable by all (public key) and others which
> must not be publicly readable (private key).  This can't be handled by
> directory level ACLs and needs the UNIX permissions instead.  I'm assuming
> this must work on AFS home dirs, but the docs were confusing.  Does it work?

UNIX file permissions are advisory in AFS. If you rely on them, you *will*
be sad.

mkdir .ssh
mkdir .ssh/private
fs sa .ssh system:anyuser rl
fs sa .ssh/private me all -clear
cd .ssh
ln -s private/whatever .


> 2) When I install AFS, I would like to do the install piecemeal.  By this I
> mean that I would prefer to install and configure Kerberos first and get it
> working.  Once that is done, then I would like to install AFS.  I know AFS
> makes heavy use of Kerberos, so I just want to make sure this route is
> doable.  Can I perform such an install?

Sure.

> 3) Lastly, I have seen conflicting information about whether the XFS
> filesystem can be used underneath AFS.  One document, in the AFSLore Wiki
> website, says that XFS *has* been used successfully for the AFS cache on IRIX
> systems.  I am running on x86 platforms.

When was IRIX for x86 introduced?

> However, looking through the mailing
> list archive, I have found an email which said that XFS will *not* work for
> the XFS cache.  Which is correct?

Both, probably. XFS isn't safe: on Linux. XFS is safe: on IRIX.

> Can I still use XFS for the main XFS data
> store and perhaps just use something else (like ext3) for the cache area?

Yes.

> Is this a bug that will be fixed or just an incompatibility with XFS?

Unknown to me.