[OpenAFS] Questions, vol 1.

Noel Burton-Krahn noel@bkbox.com
Wed, 21 Jan 2004 09:24:36 -0800 

Hi Stephen,

Hang in there, I remember facing the same pain setting up and understanding
OpenAFS.  I also remember the same reasons for going there: we needed a
distributed file system and AFS beats NFS, Samba, and Coda.  You still have
a bunch of pain to go through I think, but once you're done, I think you'll
find this is the way networks should be.

Our setup is OpenAFS, KerberosV, LDAP, on Debian.  Everyone has an OpenAFS
home directory where their mail, calendar, and web space is, and their home
is available on Windows or Linux clients.  Life is pretty good.  On the
other hand, OpenAFS has its quirks, and its Windows integration is not as
smooth as Samba.

First, about your tokens.  Are you running KerberosV + OpenAFS?  I recommend
it.  Last year I found that none of the stock pam_afs, pam_openafs, or
pam_krb5 modules ever succeeded in getting AFS tokens.  I ended up using
pam_krb5 to get Kerberos tickets and pam_run to run 'aklog' to get AFS
tokens.  I have since heard claims that pam_krb5 on sourceforge
(http://sourceforge.net/projects/pam-krb5/) works.  I found "strace" very
useful in debugging pam logins.

I don't use USS, I wrote my own scripts because user accounts have to exist
in Krb5, LDAP and OpenAFS.

Treat the files in your /vicepX partitions as totally opaque and don't touch
them.  Yes, you have to use the OpenAFS utilities for backups.  The docs say
that the partitions must be named /vicepX.

--Noel


----- Original Message -----
From: "Stephen Bosch" <posting@vodacomm.ca>
To: "afs" <openafs-info@openafs.org>
Sent: Wednesday, January 21, 2004 9:00 AM
Subject: [OpenAFS] Questions, vol 1.


> Okay, folks -- you've convinced me. I'm not going to give up just yet...
> if you'll help me a bit.
>
> I have a bunch of questions.
>
> 1. When AFS mounts volumes in a physical partition, what happens to the
> partition itself? I don't see any "files" that correspond in size to the
> data stored on the partition. Can I make, say, a partition image and
> still have the data, or do I have to use AFS native tools to do all the
> backups?
>
> Here's an example:
> sfbosch@wopr vicepa $ ls -li
> total 36
>    65537 drwx------    5 root     root         4096 Jan 20 20:47 AFSIDat
>    32769 drwx------    2 root     root         4096 Jan 19 21:11 Lock
>       12 -rw-------    1 root     root           76 Jan 19 21:12
> V0536870912.vol
>       13 -rw-------    1 root     root           76 Jan 20 16:57
> V0536870915.vol
>       14 -rw-------    1 root     root           76 Jan 20 20:16
> V0536870918.vol
>       11 drwx------    2 root     root        16384 Jan 18 23:00
lost+found
> sfbosch@wopr vicepa $
>
> There is data in those volumes (certainly more than 76 blocks worth). I
> presume the volume files are just metadata?
>
> 2. Can other processes write files to the partition, or is that a bad
> idea (not that I'm planning to, but the answer will help me understand
> better)?
>
> 3. Must the partition be called /vicepx(x), or can I name it whatever I
> like?
>
> Cheers,
>
> -Stephen-
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>
>