On Fri, 13 May 2016, Karl-Philipp Richter wrote: > Am 14.03.2016 um 14:24 schrieb Chas Williams: > > Then you should have permission to read root.cell. Did you add admin > > to the system:administrators group? Do the pts commands work? > > > > While poking around I found this gentoo document which seems to > > cover what you want: > > > > https://wiki.gentoo.org/wiki/OpenAFS > > > > Search for :mount > Good hint, thanks. I tried all sorts of variations of `fs setacl > /afs/.:mount/richtercloud.de:root.afs/. system:anyuser rl` with > `dynroot` notation and `root.cell` as well which all fail with the > mentioned error. > > `admin` is a member of `system:administrators` according to `sudo pts > membership admin -localauth`. `pts createuser` didn't cause any trouble. > > >> What could I use as alternative to `aklog` to try it out? > > Usually you create the /usr/local/NoAuth file instead of using the above. > On Ubuntu 16.04 I ran `sudo bos setauth richtercloud.de -authrequired > off -noauth` to create `/etc/openafs/server/NoAuth` assuming that's the > recommended way to create that file (as all files in OpenAFS).
I seem to have lost track of the history of this thread (and re-reading the archives doesn't help a whole lot), but even when -dynroot is in use, it is not necessary to enter -noauth mode to complete the cell setup. pts adduser -user admin -group system:administrators -localauth should work to get the 'admin' user administrative rights, though an 'aklog -force' may be needed to get the fileserver to re-check group membership. This sort of permission error can also occur when the fileserver can't communicate to a ptserver, so it's also worth checking for error messages in the various log files. -Ben _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info