[OpenAFS] mod_waklog question

Michael Meffie mmeffie@sinenomine.net
Wed, 12 Jul 2017 10:30:01 -0400

> > How could i verify if a new pag is created or not ?

Jason Edgecombe <jwedgeco@uncc.edu> wrote:

> After running "k5start -t -f keytab principal_for_httpd bash", run "id" and
> look at the groups entries. If you have a new PAG, then you'll see a group
> with a high GID (like 10 digits), but no name.
> Here is a snippet of my "id" output
> uid=12345(jwedgeco) gid=500(domain users) groups=500(domain
> users),3455(linux-team),999 (all-users),1095560020 context=...
> In the above output, the 1095560020 is the temporary fake group gid
> associated with my PAG.
> The other way to see if it has a new PAG, is to run to kstart commands a
> few seconds apart in separate windows and compare the "tokens" command
> output to make sure that are different.

Also, If you are running on linux, it is sometimes helpful to look at
/proc/fs/openafs/unixusers which lists the UID or PAG and the associated
ViceId for the current ones in the cache manager.

PAG numbers are always in the range of 0x41000000 to 0x41ffffff, which
in decimal is, 1090519040 to 1107296255.  (The magic number 0x41 is 'A'
in ASCII, 'A' for AFS, I suppose.)

Michael Meffie <mmeffie@sinenomine.net>