[OpenAFS] Re: fs: You don't have the required access rights on '/afs'

Brandon Allbery ballbery@sinenomine.net
Wed, 9 Jan 2013 18:36:39 +0000

  On Wed, 9 Jan 2013 10:16:25 +0800 (CST)=0A=
  =1B$B9:M'=3DU=1B(B <idealhang@163.com> wrote:=0A=
  > fs setacl /afs system:anyuser rl=0A=
  > it tells me :=0A=
  > fs:You don't have the required access rights on '/afs'=0A=
  > I know I have no right.But how can I get the access right?=0A=
  You need to have AFS tokens as an AFS administrator. Run 'kinit' and=0A=
  'aklog' before running 'fs setacl /afs system:anyuser rl'.=0A=
* /afs is usually a read-only volume; you need to make the permission chang=
e in the read-write volume and "vos release" it for it to become visible.=
* If the OpenAFS client is configured with dynroot, /afs is not backed by a=
 volume and you can't set an ACL on it.  You will need to switch off dynroo=
t and create a real root.afs volume and populate it from your CellServDB.=
* Many of the things you do during initial cell setup can be done with auth=
 disabled (bos running in noauth mode), but setting ACLs isn't one of them;=
 you *must* have a valid token which grants "a" access.=0A=
brandon s allbery kf8nh                               sine nomine associate=
allbery.b@gmail.com                                  ballbery@sinenomine.ne=
unix, openafs, kerberos, infrastructure, xmonad        http://sinenomine.ne=