AW: [OpenAFS] Re: Problems with ACLS

Stefan Michael Guenther
Mon, 7 May 2012 17:49:05 +0200


> > User's (AFS ID 1010) tokens for [Expires May  8 15:40]
> >    --End of list--
> 'pts examine 1010' to double-check.
Name: stefan, id: 1010, owner: system:administrators, creator:admin,
 membership: 0, flags: S----. group quota: 20.

Is it correct, that the user stefan doesn't have to exist on the client as a Unix account, because user management is done by AFS?

> Run 'tokens' again after this. Is there anything in syslog/dmesg
> mentioning AFS? Your tokens can be discarded due to a few different
> errors, but they encountering them results in kernel log messages.
no entries in dmesg or any log file.

> the other thing to try is aklog -force; if you added the user to the
> pts group after they got tokens, they need new tokens.
using -force didn't solve it.

BTW: Should this permission problem be recorded by the server? The logfiles in /usr/afs/logs were changed more than 3 hours ago, while I was just getting another "permission denied".