[OpenAFS] How to replicate files on different machines

Jeffrey Hutzelman jhutz@cmu.edu
Tue, 19 Dec 2006 14:37:58 -0500

On Tuesday, December 19, 2006 05:12:43 PM +0530 
shailesh_joshi@persistent.co.in wrote:

> I'm trying to use 'kinit' and 'aklog' to get admin tokens for accessing
> the cell under /afs on my client machine. Though these are installed on
> my machine, I'm not able to configure these, since I'm not able to find
> the syntax for using 'aklog' in 1.4.2 documentation. As we use 'kas' tool
> to create Authentication Database entries, which are later accessed by
> 'klog' command, is there any similar way to create entries for 'aklog'
> and 'kinit'?

If you're setting up a new cell, don't use the kaserver; it's deprecated, 
and for good reason.  Set up a real Kerberos realm instead, and then use 
'kinit' to get Kerberos tickets followed by 'aklog' to get AFS tokens.

If you have an existing cell which uses the kaserver, then 'klog' is the 
correct command.  However, you still will not be able to see into a 
newly-created volume unless you obtain tokens for a user that exists in the 
PTS database and is a member of the system:administrators group.  Of 
course, if you have an existing cell, then you should already have at least 
one such user, and you should also have an existing root.cell volume which 
has a more permissive ACL.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA