[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

OpenAFS trouble



Greetings!

I've been struggling to get OpenAFS working.  I've got a server machine 
with the kerberos versions of openafs for the fileserver, dbserver, and 
client.  I've set up my own account and volume following the 
'config-transcript.txt'.  All Debian sid versions.

Here's the problem:  On the server machine (friend), everything seems to 
work, and I can do what I want in the volume I created for my account:

    cswingle@friend:~$ tokens

    Tokens held by the Cache Manager:

    User's (AFS ID 1112) tokens for afs@frontier.iarc.uaf.edu
    --End of list--
    cswingle@friend:~$ ls -al /afs/frontier/user/cswingle
    total 4
    drwxrwxrwx    2 cswingle root         2048 May 16 13:58 .
    drwxrwxrwx    3 root     root         2048 May 16 13:56 ..
    -rw-r--r--    1 cswingle cswingle        0 May 16 13:58 foobar

Here'w what happens on the client machine (enemy):

    cswingle@enemy:~$ tokens

    Tokens held by the Cache Manager:

    User's (AFS ID 1112) tokens for afs@frontier.iarc.uaf.edu
    --End of list--
    cswingle@enemy:~$ ls -al /afs/frontier/user/cswingle
    ls: /afs/frontier/user/cswingle: Permission denied

In other words, both the client and server appear to have authenticated 
with the Kerberos server correctly, and I used aklog to get tokens on 
each (both with the appropriate AFS ID).  But I can't access "my" volume 
from the client.

What am I missing?  What did I forget to do in order to allow a client 
to access a server's volumes?  Is there any useful documentation out 
there?  I've looked at the IBM documentation, but it is filled with 
commands that I don't have (uss, package, kas, etc.).

Thanks,

Chris
-- 
Christopher S. Swingley          email: cswingle@iarc.uaf.edu
IARC -- Frontier Program         Please use encryption.  GPG key at:
University of Alaska Fairbanks   www.frontier.iarc.uaf.edu/~cswingle/



Reply to: