[OpenAFS] Debian - openafs -noauth problems
Fri, 19 Aug 2005 12:47:31 -0700
Sergio Gelato <Sergio.Gelato@astro.su.se> writes:
> One aspect that I found to be insufficiently documented is the need to
> write your realm name in /etc/openafs/server/krb.conf . It's been
> mentioned before on this mailing list, but seems to be missing from both
> Debian's and Gentoo's instructions, presumably because it's only needed
> when your cell name doesn't match your realm name.
This is now in the Debian instructions in Subversion and will be there in
the next upload. (I'm hoping to upload a new package in a week or so; I'm
not sure yet if it will be 1.3.87-2 or a 1.4 RC -- probably the latter.)
>> There is a tool called pt_util for initially creating a
>> PTDB-Database-file without any tokens needed (The first space in the
>> 3rd line is important!):
> (And afs-newcell obfuscates that space.)
Oh, and so it does. I missed that. It will be unobfuscated in the next
> 1. "bos addhost" put my server's IP address between square brackets in
> /etc/openafs/server/CellServDB. This caused the server (the only one in
> the cell at this point) not to count for quorum, and "vos create ...
> root.afs" to fail. Edit the file, remove the brackets, "bos restart",
This one is odd. I've worked around it by avoiding bos addhost in the
next version of afs-newcell, but I need to track down why bos addhost
didn't work. It should have.
> 2. I'm not 100% sure that this would have been a problem, but as my
> afsd starts with -dynroot by default I chose to stop it and restart
> it with a static root before running afs-rootvol.
Sergio since wrote a patch to allow afs-rootvol to work with -dynroot, and
that has been applied and will be in the next release.
Russ Allbery (firstname.lastname@example.org) <http://www.eyrie.org/~eagle/>