[OpenAFS] Debian - openafs -noauth problems

Russ Allbery rra@stanford.edu
Wed, 24 Aug 2005 18:36:31 -0700

Madhusudan Singh <singh.madhusudan@gmail.com> writes:

> Thanks for all the help. Ran afs-newcell, got tokens as the admin, and
> ran afs-rootvol and the whole process seems to have concluded
> successfully. Thanks for the very helpful scripts. I will be studying
> the logs to see how this process differed from my prior attempt.

Excellent, I'm glad to hear that it worked!

> Your excellent README then suggests that the AFS admin guide be
> consulted. I looked at :

> http://grand.central.org/twiki/bin/view/AFSLore/InstallingtheFirstAFSMachine#Storing_AFS_Binaries_in_AFS

> which suggests that AFS related binaries be stored in the AFS filespace
> under its own volume (sysname = i486_linux24 for me).

Some of this information really doesn't apply to Debian; it's designed
more for sites that are planning on doing all their software management
via AFS.  With Debian, all the AFS binaries are installed in /usr/bin and
similar paths as appropriate, as with any other package.

> Now, under Debian, the AFS binaries are dumped into /usr/bin, indistinct
> from other system binaries. So, what is the recommended policy for
> Debian ?

Just use the client packages and be happy; there's no need to put any of
that into AFS.  Hard drives aren't as tiny as they used to be.

> In a previous incarnation, this server was a simple Linux server where a
> bunch of users had some files stored in /home/username. Prior to my
> setting up the OpenAFS server, I had backed these up to another server
> (not running OpenAFS) under /backup/username. I was wondering if there
> is a certain method to be followed in restoring these for use. Right
> now, I can see the following steps :

> 1. Create a user group under pts.
> 2. Add all the users to the user group.
> 3. Unknown.

> PS : How does one set quotas for the users ?

This is where reading the admin guide will come in handy.  You will
generally want to create a separate volume for every user, since AFS
quotas are by volume, and mount those under /afs/your.cell/users.  Each
user should then have a PTS entry created with a UID matching the UID
they'll use on your systems, and then they can be added to the ACL for
their home volumes.

There's no need to create a user group unless you want content to be
accessible to that particular set of people but not to other people who
use your AFS cell.

But I recommend reading through the admin guide, since there are a bunch
of concepts you'll now want to read about and experiment with.

Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>