[OpenAFS] Re: build error when linking with heimdal-dev (Re: [OpenAFS] bosserver -noauth& changes cell to localcell)

Michael Meffie mmeffie@sinenomine.net
Fri, 14 Apr 2017 13:37:25 -0400


On Fri, 14 Apr 2017 02:51:45 +0000
Ted Creedon <tcreedon@easystreet.net> wrote:

> The strace is ~ 40 lines long & is useless..
> 
> what (dir, file) permissions are required?
> 
> I'd suggest removing any cell improvements since the error messages are misleading.

Hi Ted,

The feature Jeff described, in which the bosserver creates a default cell
configuration if it is missing, is not a new feature. It's been present since
OpenAFS 1.0.  Basically, the bosserver will create a ThisCell/CellServDB file
with default values if they are not present.  Perhaps something else is setting
those default values. Are you running some scripts or something else?

By the way, the -noauth flag isn't normally needed any longer for setting up a
new cell. It was useful back in the kaserver days, since you needed -noauth to
create the service keys with kaserver, but in a modern setup, you do not need
-noauth if you set the service key before you start the bosserver.

You can set the key with asetkey before running the bosserver. However, one
minor complication; in the current releases (and master) asetkey does require
the cell configuration to be present (CellServDB/ThisCell). They can be default
values for asetkey.

You can do the following:

1. Create default ThisCell/CellServDB files in the path the servers expect.
2. Use asetkey to create the KeyFile/KeyFileEx
3. Start the bosserver (without -noauth)
4. Run authenticated bos to setup the cellname, hosts, and superusers

Thanks,
Mike

-- 
Michael Meffie <mmeffie@sinenomine.net>