Skip to main content

New to Dartmouth?

Resources for:

Information Security

Connect with Computing

facebook twitter Wordpress Blog

Installing OpenAFS on Linux

To install OpenAFS with RHEL 3/4 or Fedora Core, with OpenAFS 1.4.x client, use the following steps.

Note:

ARCH = hardware architecture (`uname -m`) e.g. i686
VERS = OpenAFS version, e.g. 1.4.1
KERNEL = full kernel revision string (e.g. 2.6.9_42.0.2.ELsmp_2)
OS = Linux distribution this is built for e.g. rhel4.2

 

Download RPMs from www.openafs.org/release

The OpenAFS distribution for Linux is split into several component parts. For a standard client, you need only the following: (example v1.4.1 on RHEL4.2, 32-bit)

openafs-1.4.1-rhel4.2.i386.rpm

openafs-client-1.4.1-rhel4.2.i386.rpm

openafs-compat-1.4.1-rhel4.2.i386.rpm

openafs-kpasswd-1.4.1-rhel4.2.i386.rpm

In addition you need the "openafs-kernel" RPM, either from OpenAFS (if available), from the local Dartmouth repository, or by building it yourself. The name takes the form: openafs-kernel[-smp]-VERS-KERNEL.ARCH.rpm 

Install with 'rpm -iv openafs-...rpm'

openafs-VERS-OS-ARCH.rpm

provides: man pages in /usr/share/man, /usr/share/doc utilities in /usr/bin, /usr/sbin, /etc/sysconfig/openafs

openafs-client-VERS-OS-ARCH.rpm

provides: /etc/init.d/openafs-client, /lib/security/pam_afs.*, /usr/bin/cmdebug, /usr/bin/up /usr/share/man/man1/afsd.1.gz, /usr/vice/*

This one will complain and refuse to install because it requires "openafs-kernel" RPM as a prerequisite. You haven't built it yet, so use "rpm -iv --nodeps" to make it install without complaining.

openafs-compat-1.4.0-rhel3.1.i386.rpm

provides: symlinks in /usr/afsws/bin, /usr/afsws/etc (not essential, but needed if you want compatibility with traditional paths to AFS utilities used on other versions of Unix)

openafs-kpasswd-1.4.0-rhel3.1.i386.rpm provides: /usr/bin/kpasswd, /usr/bin/kpwvalid

If we have already built a kernel module for your OS and ARCH, there will be an RPM file in :

 /afs/northstar.dartmouth.edu/public/AFS/linux/openafs-kernel[-smp]-VERS-KERNEL.ARCH.rpm

 e.g.

 /afs/northstar.dartmouth.edu/public/AFS/linux/openafs-kernel-smp-1.4.1-2.6.9_42.0.2.ELsmp_2.i686.rpm 

The openafs-kernel RPM contains only a single file - the kernel module for the client cache manager. (/lib/modules/KERNEL/kernel/fs/openafs/openafs.o) 

If this RPM exactly matches your kernel version, architecture and OpenAFS version, install it. The RPM file can be copied from another machine which already has AFS, or downloaded via the web links (URL?)  Otherwise, build the kernel module.
 

Configure OpenAFS Client

Edit /usr/vice/etc/ThisCell and set default cell

echo "northstar.dartmouth.edu" > /usr/vice/etc/ThisCell

Edit /usr/vice/etc/CellServDB if needed

The default public CellServDB from OpenAFS contains the Northstar servers, but it is better to use only DNS lookups if possible, as an out-of-date CellServDB file will take precedence over DNS. The CellServDB must exist however, even if it is empty. If access to the Thayer cell is needed, copy the file /afs/northstar.dartmouth.edu/common/etc/CellServDB.thayer to the local CellServDB file.

With OpenAFS 1.4.2 for Linux, the distributed files consist of CellServDB.local (default empty) and CellServDB.dist (default worldwide public cell list). The startup script combines these two files to create the CellServDB, with the intention that locally added cells (like Thayer) be placed in CellServDB.local. This system works, but still defeats the DNS information which is likely to be more correct. We recommend saving a copy of CellServDB.dist and then deleting the contents, leaving it empty.

Edit /etc/sysconfig/openafs

Change: AFSD_ARGS="-dynroot -fakestat" to AFSD_ARGS="-afsdb -fakestat"

(and possibly set chunksize and other params as desired). "-dynroot" does not work well with our customized root.afs, because of the non-public thayer cell and symlink/aliases, esp. "@cell"

Start AFS by Hand

service openafs-client start

Test AFS

If there were no error messages in the previous step, try browsing /afs

Run "klog afsusername" and then ensure you have a token and can get access to protected files in AFS space

Reboot and watch that AFS starts automatically.

Last Updated: 3/13/13