[OpenAFS] Rookie problems
David S.
dgs@gs.washington.edu
Thu, 7 Oct 2004 17:14:19 -0700
I'm trying to install OpenAFS 1.3.71 on Linux 2.6.8.1 system
(x86 hardware), with Heimdal 0.6.3. I'm making this machine a KDC,
an AFS server, and an AFS client. It will just be an AFS server
eventually, but for testing purposes it needs to perform all three
roles now. I've followed the instructions at
http://www.central.org/twiki/bin/view/AFSLore/KerberosAFSInstall
the "Installing Kerberos & AFS" section of the "AFSLore" wiki. I'm
obviously doing something wrong with the Kerberos configuration, and I'd
be grateful for some guidance on where to look for the problem.
I'm fairly sure that my Kerberos domain is working properly at a basic
level. I can "kinit" and get tickets, and telnet into the localhost using
Kerberos authentication. Likewise, I think that my installation and
configuration of OpenAFS went well, or at least well enough not to leave
any error messages is the log files. I'm stuck in the section of the
OpenAFS installation documentation entitled "Configuring the Top Levels
of the AFS Filespace". The AFS servers and the cache manager seem to
be running properly. I can "kinit" as the "admin" user and get what
seem to be valid tickets, but when I try the command
fs setacl /afs system:anyuser rl
I get the response
fs: You don't have the required access rights on '/afs'
(I did use 'pts' to create and add the "admin" user to the AFS
database.) Indeed, if I try the "tokens" command, I get
tweedledee:28% tokens
Tokens held by the Cache Manager:
User's (AFS ID 20177) tokens for afs@grid.gs.washington.edu [Expires Oct 8 03:05]
--End of list--
I'm not sure what I should see here, but I don't think that's right.
Trying various combinations of "kinit", "kinit --afslog", and "afslog"
didn't make any difference.
I'm at a loss. I'd be grateful for any help.
David S.