[OpenAFS] Re: OpenAFS 1.4.2 on latest FC5 kernel

David Howells dhowells@redhat.com
Thu, 26 Oct 2006 15:04:17 +0100


Axel Thimm <Axel.Thimm@ATrpms.net> wrote:

> Add http://orion.lcg.ufrj.br/~roma/scripts/macros.txt to ~/.rpmmacros
> or /etc/rpm/macros.

Ah.

> Have you tried the binary packages?

I overlooked the x86_64 kernel module the first time I looked through the
webpage and thought there weren't any.  I've since downloaded the binary
packages and installed them.


Next question: How come you install many of the files in different places to
the standard openafs RPMs?  I've got a script to set up a simple server (see
attached) that I use with the standard RPMs, but it doesn't work with yours:-/

David


#!/bin/sh
#
# OpenAFS setup script
#

#service afs stop
#rpm -e `rpm -qa | grep openafs`
#rm -rf /usr/afs /usr/vice /vicepa/*

#
# Before running this script, do the following:
#
# - create a user called "admin" and stick their password in below
# - create, format and mount a fresh partition to use as the AFS root store.
#   (mount it on /vicepa)
# - decide on appropriate MYCELL and MYSERVER names
# - point RPMDIR, RPMVER and DOCDIR at the appropriate place
#

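# Site configuration.  Every value may be overridden from the environment;
# the fallbacks below are examples only.
#
# NOTE: domainname reports the NIS/YP domain, which on many hosts is unset
# and printed as "(none)"; set MYCELL explicitly in that case.
MYCELL=${MYCELL:-$(domainname)}
# Short cell nickname: everything before the first dot of the cell name.
MYCELLSHORT=${MYCELL%%.*}
MYSERVER=${MYSERVER:-$(hostname)}
# SECURITY: these two fallbacks are sample passwords published with the
# script.  AFSPASSWD becomes the password of the "afs" principal and the
# server key; ADMINPASSWD becomes the cell administrator's password.
# Supply real secrets through the environment before running.
AFSPASSWD=${AFSPASSWD:-rhubarb1}
ADMINPASSWD=${ADMINPASSWD:-custard2}
ROOTAFSPARTITION=${ROOTAFSPARTITION:-/vicepa}
ARCH=${ARCH:-x86_64}
AFSVER=${AFSVER:-1.4.2}
RPMVER=${RPMVER:-$AFSVER-1.1}
RPMDIR=${RPMDIR:-/usr/src/redhat/RPMS/$ARCH}
DOCDIR=${DOCDIR:-/usr/share/doc/openafs-$AFSVER}

if [ -z "$MYCELL" ] || [ "$MYCELL" = "(none)" ]
then
    echo 'WARNING: no usable cell name found; set MYCELL in the environment.' >&2
fi

if [ "$AFSPASSWD" = rhubarb1 ] || [ "$ADMINPASSWD" = custard2 ]
then
    echo 'WARNING: using a built-in sample password; set AFSPASSWD and ADMINPASSWD in the environment.' >&2
fi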

###################################################################################################
#
# Do it!
#
###################################################################################################
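# Everything below creates accounts, starts services and writes under
# /usr/afs and /usr/vice, so insist on running as root.  The substitution is
# quoted so that a failing "id" cannot turn the test into a syntax error that
# silently lets the script continue.
if [ "$(id -u)" != 0 ]
then
    echo "Please run this script as root!" >&2
    exit 2
fi

# Configuration comes from environment variables only; reject stray arguments
# rather than ignore them.
if [ "$#" != 0 ]
then
    echo 'No parameters required!' >&2
    exit 2
fi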

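# Make sure a local "admin" account exists; its UID is reused further down as
# the AFS protection-database id of the cell administrator.
if ! grep '^admin:' /etc/passwd >/dev/null 2>&1
then
    printf 'Add an "admin" user to the system? [Y/N] '
    read -r x

    if [ "$x" != "y" ] && [ "$x" != "Y" ]
    then
	echo 'Please add an "admin" user first!' >&2
	exit 2
    fi

    # NOTE(review): the configuration section gives ADMINPASSWD a non-empty
    # fallback, so this prompt is only reached if that fallback is removed.
    if [ -z "$ADMINPASSWD" ]
    then
	printf 'Please enter the password to use: '
	# Do not echo the password while it is typed (no-op without a tty).
	stty -echo 2>/dev/null
	read -r ADMINPASSWD
	stty echo 2>/dev/null
	echo

	if [ -z "$ADMINPASSWD" ]
	then
	    echo "No admin password was entered!" >&2
	    exit 2
	fi
    fi

    echo "Adding \"admin\"..."
    # useradd -p expects an already-encrypted crypt(3) string and would also
    # expose the value in the process list, so create the account first and
    # hand the cleartext password to chpasswd on stdin instead.
    useradd -s /bin/bash -c "AFS Administrator" admin || exit 1
    printf '%s:%s\n' admin "$ADMINPASSWD" | chpasswd || exit 1
fi

# The second half of the setup runs through "su admin", so verify that works
# before changing anything.
if ! su admin -c /bin/true
then
    echo "Can't run programs as the \"admin\" user!" >&2
    exit 2
fi

ADMINUID=$(id -u admin)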

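# Show the effective configuration and give the operator a chance to abort.
# Passwords are reported only as set/empty so they do not end up in terminal
# scrollback or a captured session log.
if [ -n "$AFSPASSWD" ]
then
    afs_pw_shown='(set, not shown)'
else
    afs_pw_shown='(EMPTY)'
fi

if [ -n "$ADMINPASSWD" ]
then
    admin_pw_shown='(set, not shown)'
else
    admin_pw_shown='(EMPTY)'
fi

cat <<EOF
===============================================================================

	Cell			: $MYCELL
	Cell nickname		: $MYCELLSHORT
	This server		: $MYSERVER
	AFS user password	: $afs_pw_shown
	Admin user		: admin
	Admin user UID		: $ADMINUID
	Admin user password	: $admin_pw_shown
	Root AFS partition	: $ROOTAFSPARTITION
	OpenAFS RPM Directory	: $RPMDIR
	OpenAFS RPM Version	: $RPMVER
	Documentation Directory	: $DOCDIR

===============================================================================
EOF

printf 'Press enter to install or Ctrl-C to abort '
read -r x

echo Installing...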

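# Trace every command from here on.
# NOTE: xtrace prints commands after expansion, so any later command line that
# carries a password will show it on the terminal and in any captured log.
set -x
# Mount point for the AFS filespace; stop here if it cannot be created, in
# line with the error handling used by the rest of the script.
mkdir -p /afs || exit 1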

#
# Precreate an AFS cell DB
#


#
# install the OpenAFS packages
#
#rpm -ivh $RPMDIR/openafs-$RPMVER.$ARCH.rpm || exit 1
#rpm -ivh $RPMDIR/openafs-docs-$RPMVER.$ARCH.rpm || exit 1
#rpm -ivh $RPMDIR/openafs-kernel-$AFSVER*.$ARCH.rpm || exit 1
#rpm -ivh $RPMDIR/openafs-client-$RPMVER.$ARCH.rpm || exit 1
#rpm -ivh $RPMDIR/openafs-server-$RPMVER.$ARCH.rpm || exit 1

#
# Getting Started on Linux Systems
#
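# Start the packaged service once, then stop its bosserver so that it can be
# relaunched by hand in -noauth mode below.  The exit status of killall is
# not checked.
service openafs-server start || exit 1
killall bosserver

#
# Starting the BOS Server
#
#ln -sf /usr/afs/etc/ThisCell /usr/vice/etc/ThisCell
#ln -sf /usr/afs/etc/CellServDB /usr/vice/etc/CellServDB
# SECURITY: -noauth turns off authorization checking for the bootstrap, and
# every bos/kas/pts/vos call that follows is made unauthenticated.  Until the
# server is restarted normally, anything that can reach it over the network
# can issue the same commands, so run this on an isolated or trusted network.
/usr/sbin/bosserver -noauth || exit 1

#
# Defining Cell Name and Membership for Server Processes
#
bos setcellname -server "$MYSERVER" -name "$MYCELL" -noauth || exit 1
# Give the client side the same cell definition the server just wrote.
cp -f /usr/afs/etc/ThisCell /usr/vice/etc/ThisCell || exit 1
cat /usr/afs/etc/CellServDB >/usr/vice/etc/CellServDB.local || exit 1
#cat /usr/afs/etc/CellServDB >>/usr/vice/etc/CellServDB || exit 1

bos listhosts "$MYSERVER" "$MYCELL" -noauth || exit 1

#
# Starting the Database Server Processes
#
# NOTE(review): kaserver is the legacy Kerberos-4-style Authentication Server;
# later OpenAFS releases deprecate it in favour of a Kerberos 5 KDC.  Prefer
# Kerberos 5 when setting up a new cell.
bos create "$MYSERVER" kaserver simple /usr/afs/bin/kaserver -cell "$MYCELL" -noauth || exit 1
bos create "$MYSERVER" buserver simple /usr/afs/bin/buserver -cell "$MYCELL" -noauth || exit 1
bos create "$MYSERVER" ptserver simple /usr/afs/bin/ptserver -cell "$MYCELL" -noauth || exit 1
bos create "$MYSERVER" vlserver simple /usr/afs/bin/vlserver -cell "$MYCELL" -noauth || exit 1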

#
# Initializing Cell Security
#
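# Create the "afs" and "admin" principals.  Each password is written twice
# (entry + confirmation) on stdin.  printf '%s' is used instead of "echo -e"
# so that backslashes, spaces or glob characters in a password are passed
# through unchanged, and xtrace is switched off around the pipelines so the
# cleartext is not printed by "set -x".
case $- in
    *x*) afs_xtrace=on ;;
    *)   afs_xtrace=off ;;
esac
set +x
printf '%s\n%s\n' "$AFSPASSWD" "$AFSPASSWD" | kas create afs -cell "$MYCELL" -noauth || exit 1
printf '%s\n%s\n' "$ADMINPASSWD" "$ADMINPASSWD" | kas create admin -cell "$MYCELL" -noauth || exit 1
if [ "$afs_xtrace" = on ]; then set -x; fi
kas examine afs -cell "$MYCELL" -noauth || exit 1
# Mark "admin" as privileged in the Authentication Database.
kas setfields admin -flags admin -cell "$MYCELL" -noauth || exit 1
kas examine admin -cell "$MYCELL" -noauth || exit 1

# Let "admin" issue privileged bos commands on this server.
bos adduser "$MYSERVER" admin -cell "$MYCELL" -noauth || exit 1
# Install the server key (key version 0) from the same password as the "afs"
# principal; again keep the cleartext out of the trace.
set +x
printf '%s\n%s\n' "$AFSPASSWD" "$AFSPASSWD" | bos addkey "$MYSERVER" -kvno 0 -cell "$MYCELL" -noauth || exit 1
if [ "$afs_xtrace" = on ]; then set -x; fi
bos listkeys "$MYSERVER" -noauth -cell "$MYCELL" || exit 1
# Register "admin" in the Protection Database under its local UID and make it
# a member of system:administrators.
pts createuser -name admin -cell "$MYCELL" -id "$ADMINUID" -noauth || exit 1
pts adduser admin system:administrators -cell "$MYCELL" -noauth || exit 1
# NOTE(review): unlike its neighbours this call passes neither -cell nor
# -noauth; confirm whether that is intentional.
pts examine admin || exit 1
pts membership admin -cell "$MYCELL" -noauth || exit 1
# Restart all server processes so they pick up the new key.
bos restart "$MYSERVER" -all -cell "$MYCELL" -noauth || exit 1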

#
# Starting the File Server, Volume Server, and Salvager
#
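# One "fs"-type bos entry runs the fileserver, volserver and salvager.
bos create "$MYSERVER" fs fs /usr/afs/bin/fileserver /usr/afs/bin/volserver /usr/afs/bin/salvager -cell "$MYCELL" -noauth || exit 1
bos status "$MYSERVER" fs -long -noauth || exit 1

# Create the root volume on the chosen partition and bring the volume
# location database in line with what is on disk.
vos create "$MYSERVER" "$ROOTAFSPARTITION" root.afs -cell "$MYCELL" -noauth || exit 1
vos syncvldb "$MYSERVER" -cell "$MYCELL" -verbose -noauth || exit 1
vos syncserv "$MYSERVER" -cell "$MYCELL" -verbose -noauth || exit 1

#
# Starting the Server Portion of the Update Server
#
# /usr/afs/etc is offered with -crypt and /usr/afs/bin with -clear.
bos create "$MYSERVER" upserver simple "/usr/afs/bin/upserver -crypt /usr/afs/etc -clear /usr/afs/bin" -cell "$MYCELL" -noauth || exit 1

#
# Verifying the AFS Initialization Script
#
# Stop the hand-started -noauth bosserver and bring everything back up through
# the init script.  The final "bos status" is issued without -noauth.
bos shutdown "$MYSERVER" -wait -noauth || exit 1
service openafs-server stop || exit 1
service openafs-server start || exit 1
bos status "$MYSERVER" || exit 1

#
# Now start the client
#
service openafs-client start || exit 1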

###############################################################################
#
# The next bit must be done as the admin user
#
###############################################################################
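# The admin-side steps are written to a helper script and run through su.
# The helper contains the admin password, so it is created with mktemp (an
# unpredictable name and owner-only permissions, instead of a guessable
# /tmp/...-$$ path that another local user could pre-create or read), handed
# to "admin" with mode 0700, and removed on every exit path.
case $- in
    *x*) admin_xtrace=on ;;
    *)   admin_xtrace=off ;;
esac
# Keep the password out of the xtrace output while it is being handled.
set +x
ADMINSCRIPT=$(mktemp /tmp/do-afs-admin.XXXXXX) || exit 1
trap 'rm -f "$ADMINSCRIPT"' EXIT
# The here-document is expanded now, so the password lands in the helper as
# literal text.  Escape embedded single quotes so that it stays one quoted
# word there and cannot be interpreted as shell syntax.
ADMINPASSWD_Q=$(printf '%s\n' "$ADMINPASSWD" | sed "s/'/'\\\\''/g")
cat >"$ADMINSCRIPT" <<EOF
#!/bin/sh -x
# Obtain an AFS token as admin; tracing is off for this one line so the
# password is not echoed.
set +x
printf '%s\n' '$ADMINPASSWD_Q' | klog admin || exit 1
set -x
#
# Configuring the Top Levels of the AFS Filespace
#
# system:anyuser gets read and lookup rights on the top of the tree.
fs setacl /afs system:anyuser rl || exit 1
vos create "$MYSERVER" "$ROOTAFSPARTITION" root.cell || exit 1
fs mkmount "/afs/$MYCELL" root.cell || exit 1
fs setacl "/afs/$MYCELL" system:anyuser rl || exit 1
cd /afs || exit 1
if [ "x$MYCELL" != "x$MYCELLSHORT" ]
then
    ln -s "$MYCELL" "$MYCELLSHORT" || exit 1
fi
cd /usr/afs/bin || exit 1
fs mkmount "/afs/.$MYCELL" root.cell -rw || exit 1
vos addsite "$MYSERVER" "$ROOTAFSPARTITION" root.afs || exit 1
vos addsite "$MYSERVER" "$ROOTAFSPARTITION" root.cell || exit 1
fs examine /afs || exit 1
fs examine "/afs/$MYCELL" || exit 1
vos release root.afs || exit 1
vos release root.cell || exit 1
fs checkvolumes || exit 1
fs examine /afs || exit 1
fs examine "/afs/$MYCELL" || exit 1

#
# Storing AFS Documents in AFS
#
vos create "$MYSERVER" "$ROOTAFSPARTITION" afsdoc -maxquota 0 || exit 1
fs mkmount -dir "/afs/.$MYCELL/afsdoc" -vol afsdoc || exit 1
vos release root.cell || exit 1
fs checkvolumes || exit 1
# Stop if the directory is missing, so the ACL change and the copy below
# cannot run in whatever directory happened to be current.
cd "/afs/.$MYCELL/afsdoc" || exit 1
fs setacl . system:anyuser rl || exit 1
cp -rp "$DOCDIR"/* . || exit 1

EOF
if [ "$admin_xtrace" = on ]; then set -x; fi

# Only "admin" may read or execute the helper.
chown admin "$ADMINSCRIPT" || exit 1
chmod 0700 "$ADMINSCRIPT" || exit 1
su admin -c "$ADMINSCRIPT" || exit 1
rm "$ADMINSCRIPT" || exit 1
trap - EXIT

# Also, you may want to edit /etc/pam.d/login and
# possibly others there to get an AFS token on login.
# Put the line:
#
# auth sufficient /lib/security/pam_afs.so try_first_pass ignore_root
#
# before the one for pwdb.

exit 0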