[OpenAFS] Users having problems getting into their home directories

Madhusudan Singh singh.madhusudan@gmail.com
Thu, 15 Dec 2005 18:19:40 -0500

On Thu December 15 2005 16:23, Russ Allbery wrote: 

> Madhusudan Singh <singh.madhusudan@gmail.com> writes:
> > I deployed an openafs server on Debian Linux about 4 months ago. It has
> > a backup process defined under AFS that creates backups at 0100 hrs. It
> > has been up ever since. However, starting this morning, users can no
> > longer get into their volumes. I have rebooted and restarted
> > openafs-client services, but to no avail.
> >
> > (msingh belongs to system.administrators)
> >
> > Last login: Thu Dec 15 15:51:43 2005 from x.y.z.w
> > Could not chdir to home directory /afs/omega.domain.edu/user/msingh:
> > Permission denied
> > -bash: /afs/omega.domain.edu/user/msingh/.bash_profile: Permission denied
> > msingh@omega:/$ id
> > uid=58015(msingh) gid=501(bgroup) groups=501(bgroup)
> > msingh@omega:/$ cd
> > -bash: cd: /afs/omega.domain.edu/user/msingh: Permission denied
> Does the user have any tokens?  Run the tokens command to see, and try
> reauthenticating.

The user does not !
$ tokens

Tokens held by the Cache Manager:

   --End of list--

I am using an MIT Kerberos V KDC (located on another machine I have no admin 
access to) to authenticate users that login on this cell.

Though the user can authenticate successfully and login (I tried a bad 
password and it failed as it should - just checking for one possible screw 
up), he does not get tokens.

Upon trying :

$ aklog
aklog: Couldn't get omega.mit.edu AFS tickets:
aklog: Clock skew too great while getting AFS tickets

m_singh@omega:/$ date
Thu Dec 15 17:53:17 EST 2005

Which is about 5 minutes behind the time on my laptop. 

I manually set the date to current date, and started getting tokens normally. 
I have installed ntpdate now, so hopefully this situation will not recur.

Thanks for pointing me in the right direction :)