[OpenAFS] OpenAFS+KerberosV permission problem
Richard Wallace
rwallace@a--i--m.com
Wed, 28 May 2003 20:22:59 -0700
Derrick J Brashear wrote:
>You should reply to openafs-info, since I may not answer in a timely
>manner.
>
>
>
>>pts createuser -name tester -cell mycell
>>
>>Do I need to specify the id?
>>
>>
>
>Nope.
>
>
>
>>If so, should it be the user system id as
>>in the passwd file (or in my case ldap)?
>>
>>
>
>That's a common way of doing this.
>
>_______________________________________________
>OpenAFS-info mailing list
>OpenAFS-info@openafs.org
>https://lists.openafs.org/mailman/listinfo/openafs-info
>
>
I'm still getting permission denied after adding the user by executing:
pts createuser -name rwallace -id 1000 -noauth
I had to do noauth cause I'm no longer running the kaserver (I shutdown
bosserver and restarted it using the -noauth option). To avoid this in
the future I added the user rwallace to the system:administrators. Then
I shutdown the bosserver and restarted it normally. Everything seemed
to go right with getting the tickets and afs token. But I'm still
getting the 'Permission denied' message. Also, if I try and do a 'pts
ex rwallace' after getting the token it kicks me out with:
pts: Permission denied ; unable to find entry for (id: 1000)
But if I run it with -noauth or before getting a ticket (which reverts
to a noauth) it displays the users info as:
Name: rwallace, id: 1000, owner: system:administrators, creator: anonymous,
membership: 1, flags: S----, group quota: unlimited.
Clearly the user is there with an id of 1000, so why is pts reporting it
can't find it?
Rich
P.S. This is frustrating... every step I take I feel like I hit another
roadblock. I think I'm so close to being done. But I really appreciate
the help everyone has been giving. Thanks a bunch!