|
Size: 1553
Comment:
|
← Revision 29 as of 2014-03-18 06:26:16 ⇥
Size: 5061
Comment: Added warning about possible login beachballing
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| #pragma section-numbers off This is the chapter of the MemberManual that describes how to install the OpenAFS client on Mac OS X. <<TableOfContents>> |
|
| Line 3: | Line 9: |
| == Install OpenAFS == | Connecting to HCoop with AFS on Mac OS X requires setting up the OpenAFS client as well as Kerberos for authentication. On a Mac OS X 10.8 machine, the following steps have been proven to connect to HCoop with just a few minutes of configuration work. |
| Line 5: | Line 11: |
| Obtain the latest openAFS client for Mac OS X. A stable version is available from the following link for 10.5 Leopard. | == Install and Configure OpenAFS == |
| Line 7: | Line 13: |
| http://www.apple.com/downloads/macosx/unix_open_source/openafs.html | Download the latest OpenAFS client (1.6.5 as of 2014-03-13) from http://www.openafs.org/macos.html. Install this package and reboot. |
| Line 9: | Line 15: |
| Newer versions are available from http://www.openafs.org/macos.html for 10.4 Tiger and 10.5 Leopard. | The installer will set up the afs configuration files in {{{/var/db/openafs}}} and it will set your machine to start AFS on boot. |
| Line 11: | Line 17: |
| You'll need to reboot after installing the client. | == Install and Configure Kerberos == |
| Line 13: | Line 19: |
| === For Mac OS X 10.8 (Mountain Lion) === {{{#!wiki caution '''Warning''' May cause some issues with hanging on shutdown, or beachballing while login. Still attempting to suss those out. Can be fixed by removing afs from /Library/LaunchDaemons using Single-User Mode. }}} The Kerberos Extras package for previous versions of Mac OS X is no longer maintained for Mac OS 10.6. Instead, Apple has included the "Ticket Viewer" feature within Keychain Access. To configure Kerberos on Snow Leopard, open Applications -> Utilities -> Keychain Access. Under the Keychain Access (app) menu, select Ticket Viewer. Select "Add Identity." For identity, enter your HCoop username followed by @HCOOP.NET (the all-caps realm is necessary). Then enter your HCoop password. It will automatically obtain a ticket upon setting up the identity. After ten hours, the ticket expires and you'll need to select Obtain Ticket. Now open a terminal window (Applications -> Utilities -> Terminal) and type "aklog". This should initiate your AFS session. To test, browse to the path /afs/hcoop.net/user/, then follow the directories with letters that begin your HCoop username. You should be able to create and edit files on HCoop. === For Mac OS X 10.5 and below === Install the Kerberos Extras package provided by MIT, available from http://web.mit.edu/macdev/www/osx-kerberos-extras.html. Once you've installed this package, run the Kerberos configuration application by clicking on Applications -> Utilities -> Kerberos. Once this application loads, click on the "New" button in the toolbar to create a new ticket. Change the Realm to {{{HCOOP.NET}}} (realms generally seem to be entirely capitalized). Type your HCoop username and password when prompted. You should see a ticket appear in the window which is valid for 10 hours. Now open a terminal window (Applications -> Utilities -> Terminal) and type "aklog". This should initiate your AFS session. To test, browse to the path /afs/hcoop.net/user/, then follow the directories with letters that begin your HCoop username. You should be able to create and edit files on HCoop. To refresh your Kerberos tokens and your AFS ticket, the two standard Unix commands can be used from the console: {{{kinit username@HCOOP.NET}}} followed by {{{aklog}}}. To avoid having to type the {{{HCOOP.NET}}} part of the kinit command, set a Kerberos "Default Realm" for your machine. This is done by changing the {{{default_realm}}} line in the file /Library/Preferences/edu.mit.Kerberos to the following: {{{ default_realm = HCOOP.NET }}} That's it! You should be able to edit and save files on your HCoop account through AFS. = Troubleshooting and Additional Resources = == Troubleshooting on Mac OS X == Our wiki page MemberManual/ShellAccess/TroubleshootingKerberos is a great reference for making sure that your Kerberos configuration is correct. In addition, the wiki pages for client configurations on other operating systems MemberManual/TransferringFiles/OpenAFS may be of help. Finally, there is always the hcoop-discuss mailing list! == Other AFS Client Implementations on OS X == The following clients have not been tested with HCoop software. If you're not looking for a challenge, it's probably best to stay with the instructions above. === Arla for Mac OS X === From the Arla web site: Arla is a free AFS implementation. The main goal is to make a fully functional client with all capabilities of AFS as formerly sold by Transarc and today available as OpenAFS. Other stuff, such as servers and management tools are being developed, but currently not considered stable. '''Obtaining the latest arla port:''' Get the latest source code file from the project site and build it yourself: http://www.stacken.kth.se/project/arla/ Alternatively, go to http://trac.macports.org/projects/macports/browser/trunk/dports/net/arla/Portfile or http://arla.darwinports.com/ which have the advantage of being easier to install. Follow the notes above, and it should "just work". If you do have success, edit this page and let the rest of us know about it. [[http://www.mac-how.net|Mac-How]] |
|
| Line 14: | Line 91: |
| About OpenAFS An open source implementation of the Andrew File System (AFS) protocol, including clients, servers and a virtual filesystem kernel driver. It integrates with the bundled Kerberos support in MacOS X to allow for a seamless user experience while accessing files in authenticated sessions. ---- == Configure OpenAFS == The installer will setup the afs files in /var/db/openafs and set your machine to start afs on boot. After restarting your system edit /var/db/openafs/etc/ThisCell. The file should contain a single line of text: hcoop.net The file initially is identical to ThisCell.sample so you don't need to make a backup copy before editing. The same holds true for CellServDB, it's the same as CellServDB.master. Now you'll need to make sure the cells you want to use are listed in the CellServDB file. Add the following lines: >hcoop.net 69.90.123.67 #deleuze.hcoop.net 69.90.123.70 #krunk.hcoop.net Now reboot and try the configuration out. ''Feel free to help out here, this is as far as we go. If you get something to work add some notes here'' |
CategoryMemberManual |
This is the chapter of the MemberManual that describes how to install the OpenAFS client on Mac OS X.
Contents
OpenAFS for Mac OS X
Connecting to HCoop with AFS on Mac OS X requires setting up the OpenAFS client as well as Kerberos for authentication. On a Mac OS X 10.8 machine, the following steps have been proven to connect to HCoop with just a few minutes of configuration work.
Install and Configure OpenAFS
Download the latest OpenAFS client (1.6.5 as of 2014-03-13) from http://www.openafs.org/macos.html. Install this package and reboot.
The installer will set up the afs configuration files in /var/db/openafs and it will set your machine to start AFS on boot.
Install and Configure Kerberos
For Mac OS X 10.8 (Mountain Lion)
Warning May cause some issues with hanging on shutdown, or beachballing while login. Still attempting to suss those out. Can be fixed by removing afs from /Library/LaunchDaemons using Single-User Mode.
The Kerberos Extras package for previous versions of Mac OS X is no longer maintained for Mac OS 10.6. Instead, Apple has included the "Ticket Viewer" feature within Keychain Access.
To configure Kerberos on Snow Leopard, open Applications -> Utilities -> Keychain Access. Under the Keychain Access (app) menu, select Ticket Viewer. Select "Add Identity." For identity, enter your HCoop username followed by @HCOOP.NET (the all-caps realm is necessary). Then enter your HCoop password. It will automatically obtain a ticket upon setting up the identity. After ten hours, the ticket expires and you'll need to select Obtain Ticket.
Now open a terminal window (Applications -> Utilities -> Terminal) and type "aklog". This should initiate your AFS session. To test, browse to the path /afs/hcoop.net/user/, then follow the directories with letters that begin your HCoop username. You should be able to create and edit files on HCoop.
For Mac OS X 10.5 and below
Install the Kerberos Extras package provided by MIT, available from http://web.mit.edu/macdev/www/osx-kerberos-extras.html.
Once you've installed this package, run the Kerberos configuration application by clicking on Applications -> Utilities -> Kerberos. Once this application loads, click on the "New" button in the toolbar to create a new ticket. Change the Realm to HCOOP.NET (realms generally seem to be entirely capitalized). Type your HCoop username and password when prompted.
You should see a ticket appear in the window which is valid for 10 hours.
Now open a terminal window (Applications -> Utilities -> Terminal) and type "aklog". This should initiate your AFS session. To test, browse to the path /afs/hcoop.net/user/, then follow the directories with letters that begin your HCoop username. You should be able to create and edit files on HCoop.
To refresh your Kerberos tokens and your AFS ticket, the two standard Unix commands can be used from the console: kinit username@HCOOP.NET followed by aklog. To avoid having to type the HCOOP.NET part of the kinit command, set a Kerberos "Default Realm" for your machine. This is done by changing the default_realm line in the file /Library/Preferences/edu.mit.Kerberos to the following:
default_realm = HCOOP.NET
That's it! You should be able to edit and save files on your HCoop account through AFS.
Troubleshooting and Additional Resources
Troubleshooting on Mac OS X
Our wiki page MemberManual/ShellAccess/TroubleshootingKerberos is a great reference for making sure that your Kerberos configuration is correct. In addition, the wiki pages for client configurations on other operating systems MemberManual/TransferringFiles/OpenAFS may be of help. Finally, there is always the hcoop-discuss mailing list!
Other AFS Client Implementations on OS X
The following clients have not been tested with HCoop software. If you're not looking for a challenge, it's probably best to stay with the instructions above.
Arla for Mac OS X
From the Arla web site:
- Arla is a free AFS implementation. The main goal is to make a fully functional client with all capabilities of AFS as formerly sold by Transarc and today available as OpenAFS. Other stuff, such as servers and management tools are being developed, but currently not considered stable.
Obtaining the latest arla port:
Get the latest source code file from the project site and build it yourself:
http://www.stacken.kth.se/project/arla/
Alternatively, go to
http://trac.macports.org/projects/macports/browser/trunk/dports/net/arla/Portfile
or
which have the advantage of being easier to install.
Follow the notes above, and it should "just work".
If you do have success, edit this page and let the rest of us know about it.