[OpenAFS] Minimal toy OpenAFS install?
Ken Dreyer
ktdreyer@ktdreyer.com
Fri, 14 Feb 2014 09:10:24 -0700
On Thu, Feb 13, 2014 at 8:59 PM, fork <forkandwait@gmail.com> wrote:
> I figure I would
> install Kerberos and OpenAFS, but I am hoping to avoid BIND if I can. I
> thought I would install the Kerberos key server on the same machine as
> OpenAFS, since it is a toy system anyway.
By the way, if you're looking for a DNS server that's simpler than
BIND, here's the dnsmasq.conf section that I use for my small OpenAFS
cell and Kerberos realm:
# Kerberos
txt-record=_kerberos.ktdreyer.com,"KTREYER.COM"
srv-host=_kerberos._udp.ktdreyer.com,"kdc1.ktdreyer.com",88
srv-host=_kerberos._tcp.ktdreyer.com,"kdc1.ktdreyer.com",88
srv-host=_kerberos-master._udp.ktdreyer.com,"kdc1.ktdreyer.com",88
srv-host=_kerberos-adm._tcp.ktdreyer.com,"kdc1.ktdreyer.com",749
srv-host=_kpasswd._udp.ktdreyer.com,"kdc1.ktdreyer.com",464
# OpenAFS
srv-host=_afs3-prserver._udp.ktdreyer.com,"afsdb1.ktdreyer.com",7002
srv-host=_afs3-vlserver._udp.ktdreyer.com,"afsdb1.ktdreyer.com",7003
"kdc1.ktdreyer.com" runs my MIT Kerberos KDC (CentOS 6), and
"afsdb1.ktdreyer.com" runs the AFS vlserver and ptserver, but there's
no reason they couldn't be the same system.
I just configure the dnsmasq daemon on the router on my LAN (running OpenWRT).
- Ken