[OpenAFS] Permission denied accessing /afs during installation

Alan Tam Tam@SiuLung.com
Sat, 26 Mar 2005 03:07:32 +0800


Hi folks,

I've installed openafs, got a token, but failed to access the /afs 
partition. Here are the details:

I downloaded and compiled the Debian 1.3.79 version from [1]. My linux 
kernel is version 2.6.10-6 from Debian (kernel-image-2.6.10-1-686). The 
module loads successfully and the partition is mounted.

Basically I follow the guide in DebianPlanet [2], which is kind of old - 
I know. Everything succeeds until "fs checkvolumes" shows simply:
root@peach:~# fs checkvolumes
All volumeID/name mappings checked.
root@peach:~#

Trying to do "fs setacl" will result "fs: You don't have the required 
access rights on '/afs'".

The most related "error" is probably this, available in 
/var/log/openafs/BosLog:
Sat Mar 26 02:23:13 2005: Server directory access is okay
Sat Mar 26 02:24:49 2005: fs:vol exited on signal 15
Sat Mar 26 02:24:49 2005: fs:scanner exited on signal 15
Sat Mar 26 02:24:49 2005: ptserver exited on signal 15
Sat Mar 26 02:24:49 2005: fs:file exited with code 0

Another symptom is that I failed to run some privileged bos commands, e.g.:
root@peach:~# bos listkeys -server peach
bos: you are not authorized for this operation error encountered while 
listing keys
root@peach:~#

Here are some excerps of my configurations:

root@peach:~# bos status -server peach -long
Instance fs, (type is fs) currently running normally.
    Auxiliary status is: file server running.
    Process last started at Sat Mar 26 02:24:49 2005 (6 proc starts)
    Last exit at Sat Mar 26 02:24:49 2005
    Command 1 is '/usr/lib/openafs/fileserver'
    Command 2 is '/usr/lib/openafs/volserver'
    Command 3 is '/usr/lib/openafs/salvager'
    Command 4 is '/usr/lib/openafs/vlserver'

Instance ptserver, (type is simple) currently running normally.
    Process last started at Sat Mar 26 02:24:49 2005 (2 proc starts)
    Last exit at Sat Mar 26 02:24:49 2005
    Command 1 is '/usr/lib/openafs/ptserver'

root@peach:~# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin@SIULUNG.COM

Valid starting     Expires            Service principal
03/26/05 01:55:29  03/26/05 11:55:27  krbtgt/SIULUNG.COM@SIULUNG.COM
03/26/05 01:55:39  03/26/05 11:55:27  afs@SIULUNG.COM


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
root@peach:~# tokens

Tokens held by the Cache Manager:

User's (AFS ID 1) tokens for afs@afs.siulung.com [Expires Mar 26 11:55]
   --End of list--
root@peach:~# cat /etc/openafs/ThisCell
afs.siulung.com
root@peach:~# head -2 /etc/openafs/CellServDB
 >afs.siulung.com
218.190.66.36           # peach.siulung.com
root@peach:~#


I've looked through the openafs mailing lists, having found several 
articles with related errors, none of which solved my problem. Any 
clues? Thanks a lot!

-- 
Regards,
Alan

Answer: Because we read from top to bottom, from left to right.
Question: Why should we put replies after the original text?

[1] svn://ia.mit.edu/svn-debian/openafs/branches/experimental
[2] http://www.debianplanet.org/node.php?id=816