|
Size: 3681
Comment:
|
Size: 4045
Comment: cat, update for dkms
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 6: | Line 6: |
| [[TableOfContents]] | <<TableOfContents>> |
| Line 20: | Line 20: |
| * DB server host names for your home cell: `deleuze.hcoop.net` | * DB server host names for your home cell: `afs.hcoop.net` |
| Line 22: | Line 22: |
| You may need to run `dpkg-reconfigure openafs-client` to get asked all of these questions. | |
| Line 25: | Line 26: |
| OpenAFS requires a kernel module, and Debian does not provide third-party kernel modules as binary packages. Module-assistant can download, compile, and install kernel modules for you. Install that, then install the OpenAFS module: | OpenAFS requires a kernel module. Debian kernels use DKMS, so installation of the package should automatically build and load the modules: |
| Line 28: | Line 29: |
| aptitude install module-assistant module-assistant prepare module-assistant auto-install openafs |
aptitude install openafs-modules-dkms |
| Line 33: | Line 32: |
| OpenAFS's cache is located at /var/cache/openafs, and it must be on an ext2 or ext3 filesystem. If /var/cache is not on an ext2 or ext3 filesystem, you'll need to mount an ext2 or ext3 filesystem at /var/cache/openafs. OpenAFS cache does not work well, if at all, on ReiserFS systems. | OpenAFS's cache is located at /var/cache/openafs, and it must be on an ext2, ext3 or ext4 filesystem. If /var/cache is not on an ext2, ext3 or ext4 filesystem, you'll need to mount an ext2, ext3 or ext4 filesystem at /var/cache/openafs. OpenAFS cache does not work well, if at all, on ReiserFS systems. |
| Line 48: | Line 47: |
| {{{#!wiki note You may not need to set anything other than the default realm--everything else should be fetched automatically through DNS. It does not, however, hurt to hard code these settings since they are unlikely to ever change. }}} |
|
| Line 49: | Line 54: |
| * Kerberos servers for your realm: `deleuze.hcoop.net` * Administrative server for your Kerberos realm: `deleuze.hcoop.net` |
* Kerberos servers for your realm: `kerberos.hcoop.net` * Administrative server for your Kerberos realm: `kerberos.hcoop.net` |
| Line 58: | Line 63: |
On Debian unstable, you may need to add `allow_weak_crypto = true` to the libdefaults section of `/etc/krb5.conf`. |
|
| Line 85: | Line 92: |
| ---- CategoryNeedsWork CategoryMemberManual |
This is the chapter of the MemberManual that describes how to install and configure OpenAFS Client on Debian based systems. These instructions were adapted from HCoop user bpt's instructions.
Contents
OpenAFS Client Installation
aptitude install openafs-client
Answer the configuration questions as follows:
AFS cell this workstation belongs to: hcoop.net
- The default value for "Size of AFS cache in kB" is okay. You can increase the cache size if you want.
- Dynamically generate the contents of /afs? Yes
DB server host names for your home cell: afs.hcoop.net
- Run Openafs client now and at boot? Yes
You may need to run dpkg-reconfigure openafs-client to get asked all of these questions.
Kernel Module Installation
OpenAFS requires a kernel module. Debian kernels use DKMS, so installation of the package should automatically build and load the modules:
aptitude install openafs-modules-dkms
OpenAFS's cache is located at /var/cache/openafs, and it must be on an ext2, ext3 or ext4 filesystem. If /var/cache is not on an ext2, ext3 or ext4 filesystem, you'll need to mount an ext2, ext3 or ext4 filesystem at /var/cache/openafs. OpenAFS cache does not work well, if at all, on ReiserFS systems.
Restart OpenAFS:
/etc/init.d/openafs-client restart
Now you should be able to see files in /afs/hcoop.net, but you won't have any AFS tokens. So let's install some Kerberos packages.
Kerberos Installation
aptitude install openafs-krb5 krb5-user
You may not need to set anything other than the default realm--everything else should be fetched automatically through DNS.
It does not, however, hurt to hard code these settings since they are unlikely to ever change.
Default Kerberos version 5 realm: HCOOP.NET
Kerberos servers for your realm: kerberos.hcoop.net
Administrative server for your Kerberos realm: kerberos.hcoop.net
If you are using Ubuntu Hardy, you might also need to add the following to your /etc/krb5.conf file, in the [domain_realm] section. It gets rid of a pesky warning.
hcoop.net = HCOOP.NET
.hcoop.net = HCOOP.NETOn Debian unstable, you may need to add allow_weak_crypto = true to the libdefaults section of /etc/krb5.conf.
Using AFS
Typically, to gain access to your HCoop AFS share, do the following on your local system:
kinit user@HCOOP.NET aklog -c hcoop.net
Be sure that the openafs module is loaded or there will be errors. The tickets gained will last up to 10 hours but can be renewed with krenew for up to 8 days. Here's a common use:
krenew -K 30 -t
See the krenew man page to learn what these options are doing.
Troubleshooting
ReiserFS
First, if you are using ReiserFS, the AFS daemon will simply refuse to work because it cannot use that filesystem for its cache. If the daemon doesn't run, you'll get a puzzling error message that might make you think you have a firewall problem.
To get the daemon to work, edit the /etc/openafs/afs.conf to make it use the memory cache. It is said to be less stable than the hard disk cache. The README.Debian file also suggests creating a loopback ext2 filesystem for the cache.
Konqueror
Konqueror simply hangs when trying to browse /afs with the default CellServerDB. This happens because it is trying to access AFS volumes it doesn't have access to or that are not accessible, and hangs indefinitely. There is a lot of cells pre-configured in the Debian package, and probably some of them are not valid or not accessible. Once the content of /etc/openafs/CellServerDB has been erased of everything except for the hcoop.net entry, browsing /afs with Konqueror should work.