Skip to main content

Search this Site

DartPulse Alerts

"HeartBleed" Website Security

Java Upgrade

Windows XP Alert

 

DartPulse Outages

Overall System Status:

Upcoming Scheduled Outages

New to Dartmouth?

Resources for:

Information Security

Connect with Computing

facebook twitter Wordpress Blog

OpenAFS Client for Mac

 The OpenAFS client for Mac is available for OSX 10.4 onwards.  On this page we provide a download link and instructions for the most recent version that Research Computing has tested. openafs.org/macos.html has the official documentation and possibly newer versions of the software.

Installing the OpenAFS client for Mac

  1. Download OpenAFS, choosing the appropriate installer for your version of OSX.  This is a disk image file (.dmg). If you aren't sure which version you are running, click the Apple icon always at the top left of the screen, and then About this Mac and look for Version. 10.6 (Snow Leopard), 10.7 (Lion), 10.8 (Mountain Lion), 10.9 (Mavericks)
  2. If the Disk Image does not automatically mount, find it in your Downloads folder  double-click to mount it as a volume named OpenAFS.
  3. Double-click the enclosed OpenAFS.pkg file to start the installer. On 10.8/10.9 you may need to Control-click and select Open,  to permit the installer to run.  You will be asked for your password (you must be logged in as an administrative user) and accept the license agreement. Installation will take about a minute, and will prompt for a default cell name;  enter northstar.dartmouth.edu.  Click through the other screens (OK or Next).  If it offers to download Xcode, you can decline.  On 10.8 and newer, there may be warnings about installing code from unidentified developers.  The client will start running immediately.
  4. Eject the OpenAFS volume (drag to trash).
  5. Open the control panel System Preferences:OpenAFS and check the boxes Backgrounder and AFS Menu and Start AFS at Boot.  Leave the Kerberos boxes unchecked.  Close the control panel.
  6. You should now have a padlock icon in the toolbar.  Use that icon to Get new token (AFS credentials), or to discard your token. 
  7. Download afssetup. Unpack the .zip file if your browser doesn't do this automatically, then double-click the resulting afssetup.command script to execute it, and enter your password when prompted. This script will update the configuration with the recommended Dartmouth settings, and also create Desktop shortcuts to your AFS volume(s). The shortcuts may be recreated at any time by running the afslink.command script.
  8. Reboot for the new settings to take effect.

You should now have an AFS 'mounted server' on your desktop, and a shortcut to your personal space. In a Terminal window,  AFS space appears under /afs.

The afssetup script does the following:

  • Configures the computer to see the northstar.dartmouth.edu AFS space.
  • Sets up the recommended client options.
  • Turns on crypt mode, so that filesystem traffic to AFS is encrypted in transit. The authentication steps are always encrypted.

The AFS client uses some disk space for file caching. This is 30MB by default, but it may be helpful to increase this. Please ask Research Computing for advice on changing this setting.

To do a clean uninstall of OpenAFS client, use the uninstall program that comes bundled with the installer. 

Top of page

Basic Usage

You now have access to AFS space, but you do not have permission to see your own personal files yet. You need to authenticate to AFS by clicking the padlock iconAFS padlock iconin the top toolbar, and giving it your AFS username and password when prompted. When you are authenticated, the padlock will have no red 'X'. You will now have full access to your files in AFS through the finder or the command line. You now have an AFS token (limited lifetime Kerberos ticket with AFS access privileges).   You also have access to any other parts of AFS which your account has been given permission to see (e.g. research group shared space).  Your token is good for 25 hours.  After that time, the padlock tool will get a red 'X' and you will revert to an unauthenticated user on AFS.  The token can be renewed at any time, and longer lifetimes can be arranged.

The desktop shortcuts created in step 6 above will take the Finder directly to your AFS home.  You can also drag any AFS folder to the left Finder panel to make a shortcut.  This is generally the most convenient way to navigate to shared space.

You can change your AFS password with the kpasswd.afs utility in a Terminal window

% kpasswd.afs afsusername

Top of page

Last Updated: 4/10/14