[OpenAFS] Debian - openafs -noauth problems
Mon, 15 Aug 2005 11:26:16 -0400
Thanks for your response.
On Saturday 13 August 2005 7:41 am, Sergio Gelato wrote:
> * Madhusudan Singh [2005-08-12 15:34:14 -0400]:
> > Tokens held by the Cache Manager:
> > User's (AFS ID 2) tokens for firstname.lastname@example.org [Expires Aug 13 01:18]
> > --End of list--
> > omega:~# fs setacl /afs system:anyuser rl
> > fs: You don't have the required access rights on '/afs'
> > Yet again.
> Yes, and to me that still smells of a krb.conf problem. Can you show us
> the ouput of head -1 krb.conf (i.e., the first line of the file)? That
> should name the realm for your cell, and no other.
I get :
omega:~# head -1 /etc/openafs/server/krb.conf
> If that checks out, I'd look at the enctypes for the afs/omega.domain.edu
> Kerberos principal. Make sure it only has single-DES: no DES3, no AES, etc.
> At the very least you should check that kinit/aklog got you single-DES
> AFS service tickets (klist -e (MIT, Sun) or klist -v (Heimdal) should
I have :
Etype (skey, tkt): DES cbc mode with CRC-32, DES cbc mode with CRC-32
> > Out of sheer frustration,
> > omega:~# cd /etc/openafs/server
> > omega:/etc/openafs/server# ln -s /etc/krb.conf .
> How about a bos restart at this point?
omega:~# /etc/init.d/openafs-fileserver restart
Same as before :
omega:~# fs setacl /afs system:anyuser rl
fs: You don't have the required access rights on '/afs'