AW: [OpenAFS] Re: Problems with ACLS
Stefan Michael Guenther
Mon, 7 May 2012 17:49:05 +0200
> > User's (AFS ID 1010) tokens for firstname.lastname@example.org [Expires May 8 15:40]
> > --End of list--
> 'pts examine 1010' to double-check.
Name: stefan, id: 1010, owner: system:administrators, creator:admin,
membership: 0, flags: S----. group quota: 20.
Is it correct, that the user stefan doesn't have to exist on the client as a Unix account, because user management is done by AFS?
> Run 'tokens' again after this. Is there anything in syslog/dmesg
> mentioning AFS? Your tokens can be discarded due to a few different
> errors, but they encountering them results in kernel log messages.
no entries in dmesg or any log file.
> the other thing to try is aklog -force; if you added the user to the
> pts group after they got tokens, they need new tokens.
using -force didn't solve it.
BTW: Should this permission problem be recorded by the server? The logfiles in /usr/afs/logs were changed more than 3 hours ago, while I was just getting another "permission denied".