OpenAFS trouble
Greetings!
I've been struggling to get OpenAFS working. I've got a server machine
with the kerberos versions of openafs for the fileserver, dbserver, and
client. I've set up my own account and volume following the
'config-transcript.txt'. All Debian sid versions.
Here's the problem: On the server machine (friend), everything seems to
work, and I can do what I want in the volume I created for my account:
cswingle@friend:~$ tokens
Tokens held by the Cache Manager:
User's (AFS ID 1112) tokens for afs@frontier.iarc.uaf.edu
--End of list--
cswingle@friend:~$ ls -al /afs/frontier/user/cswingle
total 4
drwxrwxrwx 2 cswingle root 2048 May 16 13:58 .
drwxrwxrwx 3 root root 2048 May 16 13:56 ..
-rw-r--r-- 1 cswingle cswingle 0 May 16 13:58 foobar
Here'w what happens on the client machine (enemy):
cswingle@enemy:~$ tokens
Tokens held by the Cache Manager:
User's (AFS ID 1112) tokens for afs@frontier.iarc.uaf.edu
--End of list--
cswingle@enemy:~$ ls -al /afs/frontier/user/cswingle
ls: /afs/frontier/user/cswingle: Permission denied
In other words, both the client and server appear to have authenticated
with the Kerberos server correctly, and I used aklog to get tokens on
each (both with the appropriate AFS ID). But I can't access "my" volume
from the client.
What am I missing? What did I forget to do in order to allow a client
to access a server's volumes? Is there any useful documentation out
there? I've looked at the IBM documentation, but it is filled with
commands that I don't have (uss, package, kas, etc.).
Thanks,
Chris
--
Christopher S. Swingley email: cswingle@iarc.uaf.edu
IARC -- Frontier Program Please use encryption. GPG key at:
University of Alaska Fairbanks www.frontier.iarc.uaf.edu/~cswingle/
Reply to: