[OpenAFS] running vos from "another" machine

Ron Croonenberg ronc@depauw.edu
Thu, 25 Aug 2005 12:50:44 -0500

Hi Kim,

I noticed that the -localauth had something to do with it.

Sooo...what I did is simply execute  the vos commands without the
-localauth. And that seemed to work.

Maybe I am missing something, it surprised me. I didn't klog or anything
and was able to "dump" a volume.


>>> "Dexter 'Kim' Kimball" <dhk@ccre.com> 08/25/05 11:09 AM >>>

"vos" per se doesn't require the /usr/afs/etc directory

OTOH "vos" with "-localauth" _does_ require the up-to-date

"-localauth" essentially means "I'm root on this here machine that has a
KeyFile so create some AFS admin credentials for me."  

Without the KeyFile "vos ... -localauth" simply can't create the
token/ticket you require.

If you sftp /usr/afs/etc/KeyFile from one of your AFS servers to the
client-only box from  which you're running vos you'll be up and running
"vos .... -localauth"

When you change keys remember to update the KeyFile on your admin

Putting the KeyFile on a client isn't a good idea unless the machine in
question is secure/limited access, which yours is.


     -----Original Message-----
     From: openafs-info-admin@openafs.org 
     [mailto:openafs-info-admin@openafs.org] On Behalf Of Ron 
     Sent: Wednesday, August 24, 2005 4:07 PM
     To: dhk@ccre.com
     Cc: openafs-info@openafs.org
     Subject: RE: [OpenAFS] running vos from "another" machine
     I have installed/setup :
     now if I try to do a vos dump like :
     vos dump -id homestaff.cowboy.backup -f
     /data/afs-dump/homestaff.cowboy.backup -localauth          
     vsu_ClientInit: Could not process files in configuration directory
     could not initialize VLDB library (code=4294967295) 
     And when I look in /usr/afs, then /usr/afs/etc isn't there.
     So I assume in order to use vos  it needs to be there. 
     What needs to be
     in it ?  the same thing/stuff as in the 
     fileserver/dbserver /usr/afs/etc
     >....., so be sure to have a local account or a local 
     password for your 
     >AFS account.
     I have a local account on that machine.
     > You'll have to klog after you log in.
     right..  and that seems to work just fine.
     >I'm sure we could come up with something more complicated :)
     ;-)  looking forward to it...
     oh and btw, in case you're wondering  why I want this..  I 
     want to dump
     the volumes on a "backup server" that no one has access to.
     (other stuff is dumped/archived on that machine too)
     OpenAFS-info mailing list

OpenAFS-info mailing list