[OpenAFS] Why do I get "pts: Permission denied" ??
Simon Wilkinson
simonxwilkinson@gmail.com
Mon, 23 Apr 2012 13:12:54 +0100
On 23 Apr 2012, at 12:59, Stefan Michael Guenther wrote:
> Hi,
>=20
> our system is a Heimdal Kerberos together with an OpenAFS 1.6.0.1 on a =
Ubuntu 11.10.
>=20
> My first attempt was to add myself to the group of administrators:
>=20
> root@intranet:~# pts adduser stefan system:administrators -cell =
in-put.de -noauth
> pts: Permission denied ; unable to add user stefan to group =
system:administrators
-noauth means "Make the connection to the ptserver without any =
authentication at all". It will only work if the ptserver is running in =
NoAuth mode (which you do by starting the bosserver with the -noauth =
flag).
You're getting this error because, in normal operation, the anonymous =
user doesn't have permission to create users or groups.
> root@intranet:~# aklog -d
> Authenticating to cell in-put.de (server intranet.in-put.de).
> Trying to authenticate to user's realm IN-PUT.DE.
> Getting tickets: afs/in-put.de@IN-PUT.DE
> Using Kerberos V5 ticket natively
> Identical tokens already exist; skipping.
> root@intranet:~# tokens
>=20
> Tokens held by the Cache Manager:
>=20
> User's (AFS ID 1) tokens for afs@in-put.de [Expires Apr 23 23:31]
> --End of list--
>=20
> Why am I not allowed to add a new user or group?
Does it work if you try these commands without the -noauth flag?
Cheers,
Simon.