Obligatory Milko problems

Seth Aaron Nickell snickell at Stanford.EDU
Fri Apr 21 21:26:55 CEST 2000 

Well...I'm have those obligatory Milko problems ;-)

Mine center around "5. Add root.afs to vldb"... I saw that somebody had
the same problem some time back, but I tried to follow the fix with the
same results. So here is detailed information if somebody can make sense
of it :) ... sorry if this is way too long but I figured its better to be
exhaustive and not waste somebody's time when they don't have enough data.

I'm running RH6.2 with a lot of modifications (though no kernel or glibc
change). Arla has already worked with Stanford's "defacto" AFS server,
ir.stanford.edu. I setup my own KDC last night, which seems to be working.

----->     Detailed "info log"

[root at null /]# kauth snickell.admin
snickell.admin at BEAUTY.STANFORD.EDU's Password: 
[root at null /]# klist
Ticket file:	/tmp/tkt0
Principal:	snickell.admin at BEAUTY.STANFORD.EDU

  Issued           Expires          Principal
Apr 21 12:01:55  Apr 21 12:11:55
krbtgt.BEAUTY.STANFORD.EDU at BEAUTY.STANFORD.EDU

-----> I have the primary admin ticket (mine) for the KDC,

[root at null /]# /usr/local/sbin/ksrvutil -p snickell.admin -f \
/usr/local/etc/srvtab get
Name [rcmd]: afs
Instance [null]: ''
Realm [BEAUTY.STANFORD.EDU]: 
Is this correct? (y,n) [y]
Add more keys? (y,n) [n]
Password for snickell.admin at BEAUTY.STANFORD.EDU: 
Added afs at BEAUTY.STANFORD.EDU

[root at null /]# cat /usr/local/etc/superuserlist
snickell.admin at BEAUTY.STANFORD.EDU

----->   And I'm on the superuserlist properly...

[root at null /]# grep beauty /usr/local/etc/CellServDB
>beauty.stanford.edu      # Experimental server
171.66.29.99              #beauty.stanford.edu
[root at null /]# cat /usr/local/etc/ThisCell
beauty.stanford.edu

----->   Looks good...

[root at null /]# /usr/local/libexec/vldbserver -create
Creating a new vl-database.
[root at null /]# cat /usr/local/etc/vl_database 
ÿÿÿ[root at null /]# 

----->    Hmmm... Weird file, but ok...

[root at null /]# /usr/local/libexec/vldbserver &
Milko vldbserver arla-0.32 started
[1]+ /usr/local/libexec/vldbserver &

----->    So far so good...

[root at null /]# vos createentry -id root.afs -host localhost \
>     -fsserver localhost -part /vicepa -rw 3
vos_createentry: error VL - No permission access. (363546)

---->   Doh! I'm running as root...and I should have full admin
permissions both in terms of Kerberos and AFS. What's going wrong
here? Note that a new ticket was "picked up":

[root at null /]# klist
Ticket file:	/tmp/tkt0
Principal:	snickell.admin at BEAUTY.STANFORD.EDU

  Issued           Expires          Principal
Apr 21 12:15:35  Apr 21 12:25:35
krbtgt.BEAUTY.STANFORD.EDU at BEAUTY.STANFORD.EDU
Apr 21 12:18:52  Apr 21
12:28:52  afs at BEAUTY.STANFORD.EDU

----------------

I get the same error if I do vos createentry using "beauty" (my
hostname) instead of localhost.

Ideas? 

Thanks!

-Seth N.

More information about the Arla-drinkers mailing list