[OpenAFS] Re: fs: You don't have the required access rights on
'/afs'
Brandon Allbery
ballbery@sinenomine.net
Wed, 9 Jan 2013 18:36:39 +0000
On Wed, 9 Jan 2013 10:16:25 +0800 (CST)=0A=
=1B$B9:M'=3DU=1B(B <idealhang@163.com> wrote:=0A=
=0A=
> fs setacl /afs system:anyuser rl=0A=
> it tells me :=0A=
> fs:You don't have the required access rights on '/afs'=0A=
> I know I have no right.But how can I get the access right?=0A=
=0A=
You need to have AFS tokens as an AFS administrator. Run 'kinit' and=0A=
'aklog' before running 'fs setacl /afs system:anyuser rl'.=0A=
=0A=
Additionally:=0A=
=0A=
* /afs is usually a read-only volume; you need to make the permission chang=
e in the read-write volume and "vos release" it for it to become visible.=
=0A=
=0A=
* If the OpenAFS client is configured with dynroot, /afs is not backed by a=
volume and you can't set an ACL on it. You will need to switch off dynroo=
t and create a real root.afs volume and populate it from your CellServDB.=
=0A=
=0A=
* Many of the things you do during initial cell setup can be done with auth=
disabled (bos running in noauth mode), but setting ACLs isn't one of them;=
you *must* have a valid token which grants "a" access.=0A=
=0A=
--=0A=
brandon s allbery kf8nh sine nomine associate=
s=0A=
allbery.b@gmail.com ballbery@sinenomine.ne=
t=0A=
unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.ne=
t=