Obligatory Milko problems
Seth Aaron Nickell
snickell at Stanford.EDU
Fri Apr 21 21:26:55 CEST 2000
Well...I'm have those obligatory Milko problems ;-)
Mine center around "5. Add root.afs to vldb"... I saw that somebody had
the same problem some time back, but I tried to follow the fix with the
same results. So here is detailed information if somebody can make sense
of it :) ... sorry if this is way too long but I figured its better to be
exhaustive and not waste somebody's time when they don't have enough data.
I'm running RH6.2 with a lot of modifications (though no kernel or glibc
change). Arla has already worked with Stanford's "defacto" AFS server,
ir.stanford.edu. I setup my own KDC last night, which seems to be working.
-----> Detailed "info log"
[root at null /]# kauth snickell.admin
snickell.admin at BEAUTY.STANFORD.EDU's Password:
[root at null /]# klist
Ticket file: /tmp/tkt0
Principal: snickell.admin at BEAUTY.STANFORD.EDU
Issued Expires Principal
Apr 21 12:01:55 Apr 21 12:11:55
krbtgt.BEAUTY.STANFORD.EDU at BEAUTY.STANFORD.EDU
-----> I have the primary admin ticket (mine) for the KDC,
[root at null /]# /usr/local/sbin/ksrvutil -p snickell.admin -f \
/usr/local/etc/srvtab get
Name [rcmd]: afs
Instance [null]: ''
Realm [BEAUTY.STANFORD.EDU]:
Is this correct? (y,n) [y]
Add more keys? (y,n) [n]
Password for snickell.admin at BEAUTY.STANFORD.EDU:
Added afs at BEAUTY.STANFORD.EDU
[root at null /]# cat /usr/local/etc/superuserlist
snickell.admin at BEAUTY.STANFORD.EDU
-----> And I'm on the superuserlist properly...
[root at null /]# grep beauty /usr/local/etc/CellServDB
>beauty.stanford.edu # Experimental server
171.66.29.99 #beauty.stanford.edu
[root at null /]# cat /usr/local/etc/ThisCell
beauty.stanford.edu
-----> Looks good...
[root at null /]# /usr/local/libexec/vldbserver -create
Creating a new vl-database.
[root at null /]# cat /usr/local/etc/vl_database
ÿÿÿ[root at null /]#
-----> Hmmm... Weird file, but ok...
[root at null /]# /usr/local/libexec/vldbserver &
Milko vldbserver arla-0.32 started
[1]+ /usr/local/libexec/vldbserver &
-----> So far so good...
[root at null /]# vos createentry -id root.afs -host localhost \
> -fsserver localhost -part /vicepa -rw 3
vos_createentry: error VL - No permission access. (363546)
----> Doh! I'm running as root...and I should have full admin
permissions both in terms of Kerberos and AFS. What's going wrong
here? Note that a new ticket was "picked up":
[root at null /]# klist
Ticket file: /tmp/tkt0
Principal: snickell.admin at BEAUTY.STANFORD.EDU
Issued Expires Principal
Apr 21 12:15:35 Apr 21 12:25:35
krbtgt.BEAUTY.STANFORD.EDU at BEAUTY.STANFORD.EDU
Apr 21 12:18:52 Apr 21
12:28:52 afs at BEAUTY.STANFORD.EDU
----------------
I get the same error if I do vos createentry using "beauty" (my
hostname) instead of localhost.
Ideas?
Thanks!
-Seth N.
More information about the Arla-drinkers
mailing list