[OpenAFS] aklog: a pioctl failed while setting tokens for cell
Daria Phoebe Brashear
shadow@gmail.com
Fri, 26 Jul 2019 09:30:08 -0400
--0000000000003405c9058e958b0b
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
On Fri, Jul 26, 2019 at 5:44 AM Jan Posp=C3=AD=C5=A1il <honik@kma.zcu.cz> w=
rote:
> First of all I would like to thank all for your effort to help me, I
> really appreciate it.
>
> On 25 Jul 2019, at 19:49, Daria Phoebe Brashear <shadow@gmail.com> wrote:
> >
> > Can you do the following and give me output?
> >
> > rxdebug localhost 7001 -version
>
> I am afraid I do not have rxdebug, it is not part of the auristor client,
> is it? Where can I get the macOS version of these utils?
>
>
(It's not going to matter)
> Also, I would go to "System Preferences > Security and Privacy" to check
> > if we have to "allow" the kernel extension.
>
> I remember I clicked on allow during the installation. It seems that the
> problem is really in the =E2=80=9Csignature=E2=80=9D:
>
> # kextutil /Library/Extensions/yfs.kext
> Untrusted kexts are not allowed
> [...]
> Kext rejected due to system policy: <OSKext 0x7fe37b9cfa50
> [0x7fffa90b9b40]> { URL =3D
> "file:///Library/StagedExtensions/Library/Extensions/yfs.kext/", ID =3D
> "com.auristor.filesystems.yfs" }
> Diagnostics for /Library/Extensions/yfs.kext:
>
>
> # sqlite3 /var/db/SystemPolicyConfiguration/KextPolicy
> sqlite> SELECT * FROM kext_policy WHERE bundle_id LIKE '%yfs' ;
> L2TGP62ZXS|com.your-file-system.filesystems.yfs|1|AuriStor, Inc.|12
> L2TGP62ZXS|com.auristor.filesystems.yfs|0|AuriStor, Inc.|4
>
> Why there are two policies and why the latter is disabled? On the other
> computer the extension is enabled and everything works fine, so I don't
> understand, why even re-installing the client did not help here.
>
>
There are two policies because the older
(com.your-file-system.filesystems.yfs) policy applies to a module which was
earlier installed on this system. It's the same team (L2TGP62ZXS) so this
actually wasn't supposed to happen, especially given the build is
notarized(!)
Does anything interesting appear at System Preferences > Security and
Privacy > General after
sudo kextload /Library/Extensions/yfs.kext
?
It may be that I need to lay hands on a pre-10.13.6 system, install a
com.your-file-system.filesystems.yfs-era build, and then update both the
system and the kext to reproduce this.
--=20
Daria Phoebe Brashear
AuriStor, Inc
dariaphoebe.com
--0000000000003405c9058e958b0b
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div dir=3D"ltr"><br></div><br><div class=3D"gmail_quote">=
<div dir=3D"ltr" class=3D"gmail_attr">On Fri, Jul 26, 2019 at 5:44 AM Jan P=
osp=C3=AD=C5=A1il <<a href=3D"mailto:honik@kma.zcu.cz">honik@kma.zcu.cz<=
/a>> wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0=
px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">F=
irst of all I would like to thank all for your effort to help me, I really =
appreciate it.<br>
<br>
On 25 Jul 2019, at 19:49, Daria Phoebe Brashear <<a href=3D"mailto:shado=
w@gmail.com" target=3D"_blank">shadow@gmail.com</a>> wrote:<br>
> <br>
> Can you do the following and give me output?<br>
> <br>
> rxdebug localhost 7001 -version<br>
<br>
I am afraid I do not have rxdebug, it is not part of the auristor client, i=
s it? Where can I get the macOS version of these utils?<br>
<br></blockquote><div><br></div><div>(It's not going to matter)</div><b=
r><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;borde=
r-left:1px solid rgb(204,204,204);padding-left:1ex">
> Also, I would go to "System Preferences > Security and Privacy=
" to check<br>
> if we have to "allow" the kernel extension.<br>
<br>
I remember I clicked on allow during the installation. It seems that the pr=
oblem is really in the =E2=80=9Csignature=E2=80=9D:<br>
<br>
# kextutil /Library/Extensions/yfs.kext<br>
Untrusted kexts are not allowed<br>[...]<br>
Kext rejected due to system policy: <OSKext 0x7fe37b9cfa50 [0x7fffa90b9b=
40]> { URL =3D "file:///Library/StagedExtensions/Library/Extensions=
/yfs.kext/", ID =3D "com.auristor.filesystems.yfs" }<br>
Diagnostics for /Library/Extensions/yfs.kext:<br>
<br>
<br>
# sqlite3 /var/db/SystemPolicyConfiguration/KextPolicy<br>
sqlite> SELECT * FROM kext_policy WHERE bundle_id LIKE '%yfs' ;<=
br>
L2TGP62ZXS|com.your-file-system.filesystems.yfs|1|AuriStor, Inc.|12<br>
L2TGP62ZXS|com.auristor.filesystems.yfs|0|AuriStor, Inc.|4<br>
<br>
Why there are two policies and why the latter is disabled? On the other com=
puter the extension is enabled and everything works fine, so I don't un=
derstand, why even re-installing the client did not help here.<br clear=3D"=
all"><br></blockquote><div><br></div><div>There are two policies because th=
e older (com.your-file-system.filesystems.yfs) policy applies to a module w=
hich was earlier installed on this system. It's the same team (L2TGP62Z=
XS) so this actually wasn't supposed to happen, especially given the bu=
ild is notarized(!)<br></div></div><div><br></div><div>Does anything intere=
sting appear at System Preferences > Security and Privacy > General a=
fter <br></div><div>sudo kextload /Library/Extensions/yfs.kext</div><div>?<=
/div><div><br></div><div>It may be that I need to lay hands on a pre-10.13.=
6 system, install a com.your-file-system.filesystems.yfs-era build, and the=
n update both the system and the kext to reproduce this.</div><div><br></di=
v>-- <br><div dir=3D"ltr" class=3D"gmail_signature"><div dir=3D"ltr"><div><=
div dir=3D"ltr"><div><div dir=3D"ltr">Daria Phoebe Brashear<br></div><div>A=
uriStor, Inc<br></div><div><a href=3D"http://dariaphoebe.com" target=3D"_bl=
ank">dariaphoebe.com</a><br><br></div></div></div></div></div></div></div>
--0000000000003405c9058e958b0b--