Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Kernel:HEAD:Backport:KMP
openafs
README.SUSE.openafs
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File README.SUSE.openafs of Package openafs
Here is described installation of openafs server and client on SUSE linux. This text is based on AFS Quick Start Guide. The differences are: - paths are adapted to SUSE installation - uses Kerberos 5 authentization Complete OpenAFS documentation is at http://openafs.org SERVER SETUP ============ # choose an AFS cell name and a Kerberos realm name, the simplest setup is: # - AFS cell name equal to DNS domain name # - Kerberos realm name equal to uppercase AFS cell name # create a partition for AFS filesystem and mount it under /vicepa # start bosserver /usr/sbin/bosserver -noauth & # setup basic cell information bos setcellname your.afs.server your.cell.name -noauth # setup database servers processes bos create your.afs.server ptserver simple /usr/lib/openafs/ptserver -cell your.cell.name -noauth bos create your.afs.server buserver simple /usr/lib/openafs/buserver -cell your.cell.name -noauth bos create your.afs.server vlserver simple /usr/lib/openafs/vlserver -cell your.cell.name -noauth # If you want to use the old afs authentization (not recommended): # bos addkey your.afs.server -kvno 0 -cell your.cell.name -noauth # Authentication against heimdal krb5 server # Here you can set up kerberos realm if you dont have any, # see documentation in package krb5-doc # restart kdc rckrb5kdc restart rckrb524d restart # create afs principal in kerberos database kadmin.local add_principal afs@YOUR.KERBEROS.REALM # create afs key, use random password ktremove -k /etc/krb5.keytab afs all # delete old afs key if any # export the afs key to external keytab # note the key version number (kvno), you will need it later for asetkey ktadd -e des-cbc-crc:v4 afs@YOUR.KERBEROS.REALM add_principal admin@YOUR.KERBEROS.REALM # create admin principal quit # end kadmin.local rm /etc/openafs/server/KeyFile # delete the old afs key file if any # convert the afs key from /etc/krb5.keytab to /etc/openafs/server/KeyFile # use <kvno> displayed by ktadd asetkey add <kvno> /etc/krb5.keytab afs # give admin the permissions to control bosserver bos adduser your.afs.server admin -cell your.cell.name -noauth # add admin to group system:administrators pts createuser -name admin -id <user id> -cell your.cell.name -noauth pts adduser admin system:administrators -cell your.cell.name -noauth # restart bos server bos restart your.afs.server -all -cell your.cell.name -noauth # create fileserver processes bos create your.afs.server fs fs /usr/lib/openafs/fileserver /usr/lib/openafs/volserver /usr/lib/openafs/salvager -cell your.cell.name -noauth # create root volume vos create your.afs.server /vicepa root.afs -cell your.cell.name -noauth # restart bosserver with security enabled rcopenafs-fileserver restart CLIENT SETUP ============ IMPORTANT: Unfortunately, openafs client for linux kernel 2.6 has not reached stable state yet. There may be problems. edit /etc/sysconfig/openafs-client, set at least REGENERATE_CELL_INFO="yes" THIS_CELL="your.cell.name" THIS_CELL_SERVER="your.afs.server" If you are configuring first afs server and the volume root.cell does not exist yet, you have to set also DYNROOT=no. After finishing the server installaton it is better to change DYNROOT back to 'yes' as the client behaves better on startup with network outage. # start afs client rcopenafs-client start # login as admin kinit admin aklog -d # convert Kerberos 5 ticket to AFS token To enable transparent login via pam, install package pam_krb5 and add 'call_modules=krb5afs' to /etc/security/pam_unix2.conf For details look at pam_krb5afs(5), pam_krb5afs(8) and pam_unix2(8) manpages. Now you have working afs server and client. You can continue with chapter "Configuring the Top Levels of the AFS Filespace" of AFS Quick Start Guide.
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor