|
Size: 3192
Comment:
|
← Revision 29 as of 2014-03-18 06:26:16 ⇥
Size: 5061
Comment: Added warning about possible login beachballing
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| #pragma section-numbers off This is the chapter of the MemberManual that describes how to install the OpenAFS client on Mac OS X. <<TableOfContents>> |
|
| Line 3: | Line 9: |
| == Install OpenAFS == | Connecting to HCoop with AFS on Mac OS X requires setting up the OpenAFS client as well as Kerberos for authentication. On a Mac OS X 10.8 machine, the following steps have been proven to connect to HCoop with just a few minutes of configuration work. |
| Line 5: | Line 11: |
| Obtain the latest openAFS client for Mac OS X. A stable version is available from the following link for 10.5 Leopard. | == Install and Configure OpenAFS == |
| Line 7: | Line 13: |
| http://www.apple.com/downloads/macosx/unix_open_source/openafs.html | Download the latest OpenAFS client (1.6.5 as of 2014-03-13) from http://www.openafs.org/macos.html. Install this package and reboot. |
| Line 9: | Line 15: |
| Newer versions are available from http://www.openafs.org/macos.html for 10.4 Tiger and 10.5 Leopard. | The installer will set up the afs configuration files in {{{/var/db/openafs}}} and it will set your machine to start AFS on boot. |
| Line 11: | Line 17: |
| You'll need to reboot after installing the client. | == Install and Configure Kerberos == |
| Line 13: | Line 19: |
| ---- About OpenAFS |
=== For Mac OS X 10.8 (Mountain Lion) === |
| Line 16: | Line 21: |
| An open source implementation of the Andrew File System (AFS) protocol, including clients, servers and a virtual filesystem kernel driver. It integrates with the bundled Kerberos support in MacOS X to allow for a seamless user experience while accessing files in authenticated sessions. ---- |
{{{#!wiki caution '''Warning''' May cause some issues with hanging on shutdown, or beachballing while login. Still attempting to suss those out. Can be fixed by removing afs from /Library/LaunchDaemons using Single-User Mode. }}} |
| Line 19: | Line 26: |
| == Configure OpenAFS == | The Kerberos Extras package for previous versions of Mac OS X is no longer maintained for Mac OS 10.6. Instead, Apple has included the "Ticket Viewer" feature within Keychain Access. |
| Line 21: | Line 28: |
| The installer will setup the afs files in `/var/db/openafs` and set your machine to start afs on boot. | To configure Kerberos on Snow Leopard, open Applications -> Utilities -> Keychain Access. Under the Keychain Access (app) menu, select Ticket Viewer. Select "Add Identity." For identity, enter your HCoop username followed by @HCOOP.NET (the all-caps realm is necessary). Then enter your HCoop password. It will automatically obtain a ticket upon setting up the identity. After ten hours, the ticket expires and you'll need to select Obtain Ticket. |
| Line 23: | Line 30: |
| After restarting your system edit `/var/db/openafs/etc/ThisCell`. The file should contain a single line of text: | Now open a terminal window (Applications -> Utilities -> Terminal) and type "aklog". This should initiate your AFS session. To test, browse to the path /afs/hcoop.net/user/, then follow the directories with letters that begin your HCoop username. You should be able to create and edit files on HCoop. === For Mac OS X 10.5 and below === Install the Kerberos Extras package provided by MIT, available from http://web.mit.edu/macdev/www/osx-kerberos-extras.html. Once you've installed this package, run the Kerberos configuration application by clicking on Applications -> Utilities -> Kerberos. Once this application loads, click on the "New" button in the toolbar to create a new ticket. Change the Realm to {{{HCOOP.NET}}} (realms generally seem to be entirely capitalized). Type your HCoop username and password when prompted. You should see a ticket appear in the window which is valid for 10 hours. Now open a terminal window (Applications -> Utilities -> Terminal) and type "aklog". This should initiate your AFS session. To test, browse to the path /afs/hcoop.net/user/, then follow the directories with letters that begin your HCoop username. You should be able to create and edit files on HCoop. To refresh your Kerberos tokens and your AFS ticket, the two standard Unix commands can be used from the console: {{{kinit username@HCOOP.NET}}} followed by {{{aklog}}}. To avoid having to type the {{{HCOOP.NET}}} part of the kinit command, set a Kerberos "Default Realm" for your machine. This is done by changing the {{{default_realm}}} line in the file /Library/Preferences/edu.mit.Kerberos to the following: |
| Line 26: | Line 46: |
| hcoop.net | default_realm = HCOOP.NET |
| Line 29: | Line 49: |
| The file initially is identical to `ThisCell.sample` so you don't need to make a backup copy before editing. The same holds true for `CellServDB`, it's the same as `CellServDB.master`. | That's it! You should be able to edit and save files on your HCoop account through AFS. |
| Line 31: | Line 51: |
| Now you'll need to make sure the cells you want to use are listed in the `CellServDB` file. Add the following lines: | |
| Line 33: | Line 52: |
| {{{ >hcoop.net 69.90.123.67 #deleuze.hcoop.net 69.90.123.70 #krunk.hcoop.net }}} |
= Troubleshooting and Additional Resources = |
| Line 39: | Line 54: |
| Now reboot and try the configuration out. | == Troubleshooting on Mac OS X == |
| Line 41: | Line 56: |
| Try this from a terminal: | Our wiki page MemberManual/ShellAccess/TroubleshootingKerberos is a great reference for making sure that your Kerberos configuration is correct. In addition, the wiki pages for client configurations on other operating systems MemberManual/TransferringFiles/OpenAFS may be of help. Finally, there is always the hcoop-discuss mailing list! |
| Line 43: | Line 58: |
| {{{ user$ sudo /Library/StartupItems/OpenAFS/OpenAFS restart Password: Stopping AFS Unmounting /afs umount: /afs: not currently mounted Shutting down afsd processes /Library/StartupItems/OpenAFS/OpenAFS: line 172: 383 Bus error $AFSD -shutdown 2>&1 >/dev/console Unloading AFS kernel extensions Starting OpenAFS Loading AFS kernel extensions kextload: /var/db/openafs/etc/afs.kext loaded successfully Starting afsd /Library/StartupItems/OpenAFS/OpenAFS: line 172: 391 Bus error $AFSD $OPTIONS /Library/StartupItems/OpenAFS/OpenAFS: line 172: 394 Segmentation fault $CONFIG/afssettings }}} |
== Other AFS Client Implementations on OS X == |
| Line 60: | Line 60: |
| Hmmmm. So something went wrong. No clue yet how to fix this. | The following clients have not been tested with HCoop software. If you're not looking for a challenge, it's probably best to stay with the instructions above. |
| Line 62: | Line 62: |
| ''Feel free to help out here, this is as far as we go. If you get something to work add some notes here'' | === Arla for Mac OS X === |
| Line 64: | Line 64: |
| = arla for Mac OS X = | From the Arla web site: |
| Line 66: | Line 66: |
| ---- Arla is a free AFS implementation. The main goal is to make a fully functional client with all capabilities of AFS as formerly sold by Transarc and today available as OpenAFS. Other stuff, such as servers and management tools are being developed, but currently not considered stable. ---- |
Arla is a free AFS implementation. The main goal is to make a fully functional client with all capabilities of AFS as formerly sold by Transarc and today available as OpenAFS. Other stuff, such as servers and management tools are being developed, but currently not considered stable. |
| Line 71: | Line 69: |
| == Obtain latest arla port == | '''Obtaining the latest arla port:''' |
| Line 87: | Line 85: |
| Follow the notes above, and it should "just work" without the "Bus error" or "Segmentation fault". | Follow the notes above, and it should "just work". |
| Line 90: | Line 88: |
[[http://www.mac-how.net|Mac-How]] ---- CategoryMemberManual |
This is the chapter of the MemberManual that describes how to install the OpenAFS client on Mac OS X.
Contents
OpenAFS for Mac OS X
Connecting to HCoop with AFS on Mac OS X requires setting up the OpenAFS client as well as Kerberos for authentication. On a Mac OS X 10.8 machine, the following steps have been proven to connect to HCoop with just a few minutes of configuration work.
Install and Configure OpenAFS
Download the latest OpenAFS client (1.6.5 as of 2014-03-13) from http://www.openafs.org/macos.html. Install this package and reboot.
The installer will set up the afs configuration files in /var/db/openafs and it will set your machine to start AFS on boot.
Install and Configure Kerberos
For Mac OS X 10.8 (Mountain Lion)
Warning May cause some issues with hanging on shutdown, or beachballing while login. Still attempting to suss those out. Can be fixed by removing afs from /Library/LaunchDaemons using Single-User Mode.
The Kerberos Extras package for previous versions of Mac OS X is no longer maintained for Mac OS 10.6. Instead, Apple has included the "Ticket Viewer" feature within Keychain Access.
To configure Kerberos on Snow Leopard, open Applications -> Utilities -> Keychain Access. Under the Keychain Access (app) menu, select Ticket Viewer. Select "Add Identity." For identity, enter your HCoop username followed by @HCOOP.NET (the all-caps realm is necessary). Then enter your HCoop password. It will automatically obtain a ticket upon setting up the identity. After ten hours, the ticket expires and you'll need to select Obtain Ticket.
Now open a terminal window (Applications -> Utilities -> Terminal) and type "aklog". This should initiate your AFS session. To test, browse to the path /afs/hcoop.net/user/, then follow the directories with letters that begin your HCoop username. You should be able to create and edit files on HCoop.
For Mac OS X 10.5 and below
Install the Kerberos Extras package provided by MIT, available from http://web.mit.edu/macdev/www/osx-kerberos-extras.html.
Once you've installed this package, run the Kerberos configuration application by clicking on Applications -> Utilities -> Kerberos. Once this application loads, click on the "New" button in the toolbar to create a new ticket. Change the Realm to HCOOP.NET (realms generally seem to be entirely capitalized). Type your HCoop username and password when prompted.
You should see a ticket appear in the window which is valid for 10 hours.
Now open a terminal window (Applications -> Utilities -> Terminal) and type "aklog". This should initiate your AFS session. To test, browse to the path /afs/hcoop.net/user/, then follow the directories with letters that begin your HCoop username. You should be able to create and edit files on HCoop.
To refresh your Kerberos tokens and your AFS ticket, the two standard Unix commands can be used from the console: kinit username@HCOOP.NET followed by aklog. To avoid having to type the HCOOP.NET part of the kinit command, set a Kerberos "Default Realm" for your machine. This is done by changing the default_realm line in the file /Library/Preferences/edu.mit.Kerberos to the following:
default_realm = HCOOP.NET
That's it! You should be able to edit and save files on your HCoop account through AFS.
Troubleshooting and Additional Resources
Troubleshooting on Mac OS X
Our wiki page MemberManual/ShellAccess/TroubleshootingKerberos is a great reference for making sure that your Kerberos configuration is correct. In addition, the wiki pages for client configurations on other operating systems MemberManual/TransferringFiles/OpenAFS may be of help. Finally, there is always the hcoop-discuss mailing list!
Other AFS Client Implementations on OS X
The following clients have not been tested with HCoop software. If you're not looking for a challenge, it's probably best to stay with the instructions above.
Arla for Mac OS X
From the Arla web site:
- Arla is a free AFS implementation. The main goal is to make a fully functional client with all capabilities of AFS as formerly sold by Transarc and today available as OpenAFS. Other stuff, such as servers and management tools are being developed, but currently not considered stable.
Obtaining the latest arla port:
Get the latest source code file from the project site and build it yourself:
http://www.stacken.kth.se/project/arla/
Alternatively, go to
http://trac.macports.org/projects/macports/browser/trunk/dports/net/arla/Portfile
or
which have the advantage of being easier to install.
Follow the notes above, and it should "just work".
If you do have success, edit this page and let the rest of us know about it.