Configure AFS Server
This is only a quick step through configuring a AFS Server:
Inhaltsverzeichnis
Create a partition for AFS (we use LVM here):
lvcreate -L 20g -n vicepa vg_system mkfs.ext3 /dev/vg_system/vicepa echo "/dev/vg_system/vicepa /vicepa ext3 defaults 0 0" >> /etc/fstab mkdir /vicepa mount /vicepa
bos server
Wipe odd config files that come with rpms:rm /etc/openafs/* rm /etc/openafs/server/*
Start bos server:
bosserver -noauth
Configure Cell Name:
bos setcellname dopey.redflo.de redflo.de -noauth
Note: The first parameter is the fqdn of the AFS Server. The second parameter is the AFS cell name - usually looking like a domain name. This has to be lower case.
Configure server processes:
bos create dopey.redflo.de buserver simple /usr/lib64/openafs/buserver -cell redflo.de -noauth bos create dopey.redflo.de ptserver simple /usr/lib64/openafs/ptserver -cell redflo.de -noauth bos create dopey.redflo.de vlserver simple /usr/lib64/openafs/vlserver -cell redflo.de -noauth
Configure AFS to use Kerberos:
kadmin.local kadmin.local: add_principal -randkey -e des-cbc-crc:v4 afs/redflo.de kadmin.local: add_principal admin <enter the password you like to use for afs adminitration> kadmin.local: ktadd -k /etc/afs.keytab -e des-cbc-crc:v4 afs/redflo.de Entry for principal afs/redflo.de with kvno (kvno number), encryption type DES cbc mode with CRC-32 added to keytab WRFILE:/etc/afs.keytab.
Note the "kvno" number from output of the ktadd command. Now transport the afs.keytab to your afs server (if it is not the kerberos server)
bos adduser dopey.redflo.de admin -cell redflo.de -noauth asetkey add (kvno number) /etc/afs.keytab afs/redflo.de
You have to use the kvno number you noted in the step before for the asetkey command.
Configure admin for protection DB:
pts createuser -name admin -cell redflo.de -noauth pts adduser admin system:administrators -cell redflo.de -noauth pts membership admin -cell redflo.de -noauth
Restart bos server:
bos restart dopey.redflo.de -all -cell redflo.de -noauth
Start file server:
bos create dopey.redflo.de fs fs /usr/lib64/openafs/fileserver /usr/lib64/openafs/volserver /usr/lib64/openafs/salvager -cell redflo.de -noauth
Create root volume:
vos create dopey.redflo.de /vicepa root.afs -cell redflo.de -noauth
Create update server:
bos create dopey.redflo.de upserver simple "/usr/lib64/openafs/upserver -crypt /etc/openafs -clear /usr/lib64/openafs" -cell redflo.de -noauth
Autostart:
On suse linux be sure to set
REGENERATE_CELL_INFO="no"
in /etc/sysconfig/openafs-server
Make the server start automatically:
chkconfig -a openafs-server