[OpenAFS] Initial configuring openafs server: got some obscured errors

Derrick Brashear shadow@gmail.com
Fri, 25 May 2012 08:15:17 -0400

On Fri, May 25, 2012 at 7:29 AM, ayvango <ayvango@zoho.com> wrote:
> I tried to install openafs server and build a cell on my gentoo box.
> net-fs/openafs =A0 =A0 =A0 =A0 =A0 =A0 version: 1.6.1[kerberos pam -doc]
> net-fs/openafs-kernel =A0 version: 1.6.1[kernel_linux]
> app-crypt/mit-krb5 =A0 =A0 =A0 version: 1.9.2-r2[keyutils pkinit threads =
-doc -openldap -test -xinetd]
> I had followed this guide: http://en.gentoo-wiki.com/wiki/OpenAFS_with_MI=
> MIT Kerberos realm was configured smoothly, I can access it with administ=
rator password via kadmin and it shows all principals mentioned in the guid=
> I'm stack at point of first-time client run. http://en.gentoo-wiki.com/wi=
> If I run
> =A0afsd -fakestat -stat 2000 -dcache 800 -daemons 2 -volumes 70 -debug
> =A0(not using afsdb to get rid of possible dns-configuration errors)

can i suggest using dynroot, so afs mounts regardless of whatever
other errors you might have made?

you can always use fs newcell to correct mislisted database servers.

> I got some debug messages with this:
> ...
> afsd: All AFS daemons started.
> ...
> =A0SScall(137, 28, 9)=3D0 SScall(137, 28, 9)=3D0 SScall(137, 28, 9)=3D0 S=
Scall(137, 28, 9)=3D0 SScall(137, 28, 9)=3D0 SScall(137, 28, 9)=3D0 SScall(=
137, 28, 9)=3D0 SScall(137, 28, 9)=3D0 SScall(137, 28, 9)=3D0 SScall(137, 2=
8, 9)=3D0 SScall(137, 28, 9)=3D0 SScall(137, 28, 9)=3D0 SScall(137, 28, 9)=
=3D0 SScall(137, 28, 9)=3D0 SScall(137, 28, 9)=3D0 afsd: Calling AFSOP_GO w=
ith cacheSetTime =3D 0
> SScall(137, 28, 100)=3D0 afsd: All AFS daemons started.
> afsd: Forking trunc-cache daemon.
> afsd: Mounting the AFS root on '/afs', flags: 0.
> SScall(137, 28, 3)=3D0 afsd: Can't mount AFS on /afs(22)

afs didn't mount, probably your database servers weren't reachable.

> If I try to do aklog first, I got this:

first, e.g. before starting afsd? nothing will be listening to pioctls.

> # aklog -d
> Authenticating to cell asu.aaa.bb (server dali.asu.aaa.bb).
> Trying to authenticate to user's realm STA.
> Getting tickets: afs/asu.aaa.bb@STA
> Using Kerberos V5 ticket natively
> About to resolve name afsadmin to id in cell asu.aaa.bb.
> Id 1
> Set username to AFS ID 1
> Setting tokens. AFS ID 1 @ asu.aaa.bb
> aklog: a pioctl failed while obtaining tokens for cell asu.aaa.bb
> The documentation on the official site seemed to be outdated,

It's still correct.

> I can not find any actual one more detailed than the guide I've used.
> I'm sure there is a trivial error in my configurations and I need help to=
 find it.
> Detailed info below:
> Filesystems:
> reiserfs is mounted over /afs for cell data

that's not going to be helpful. *nothing* should be mounted on /afs;
afsd will do that for you.

> reiserfs is mounted over /afs_cache for client cache

not the most well-tested option, but the reason this used to be
explicitly unsupported was changed.

if you run "vos examine root.afs" and "vos examine root.cell" do both
return information about a volume?

> What may the mistake be? How can I check it? What is the appropriate orde=
r of client initialization (afsd first or aklog first)?

1) aklog first will never work
2) aklog is irrelevant to client startup.