Re: [OpenAFS] How to replicate files on different machines
[EMAIL PROTECTED] wrote: Hi. I'm using OpenAFS 1.4.2 on Fedora 5. I want to replicate file(s) on 2 machines (both Fedora 5). How could this be achieved? Do I need to install OpenAFS server on both the machines, and if this is the requirement, how could the servers be synchronized? Yes you need a fileserver on the second machine and you need to define the replication side for each volume by using vos addsite The synchronisation is acchieved by vos release for the volume. This doesn't happen automatically, but you start some script via cron. Write now I'm facing one other issue. I have installed server on 1st machine and client on 2nd machine (both Fedora 5). I have given the cell information for the server on 2nd machine in /usr/vice/etc/CellServDB, CellServDB.dist and ThisCell. However, when I start the client, the cell under /afs/ is not displayed as a directory. # ls -l /afs/ total 0 ?- 0 root root 0 Jan 1 1970 ps2750.pspl.co.in # Hence I could not do any further file operations. Am I missing something? Did you start the afsd on the client with the option -dynroot? Do you have a volume root.cell in your cell? If both is true and your CellServDB and ThisCell information are correct you should see your cell. If you don't start afsd with -dynroot you need a volume root.afs and inside it a mountpoint for your root.cell under the name of your cell. Thanks and Regards, Shailesh Joshi ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info -- - Hartmut Reuter e-mail [EMAIL PROTECTED] phone +49-89-3299-1328 RZG (Rechenzentrum Garching) fax +49-89-3299-1301 Computing Center of the Max-Planck-Gesellschaft (MPG) and the Institut fuer Plasmaphysik (IPP) - ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] win 1.5.12 shell extension problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi! We´ve got some nasty lags while OpenAFS Shell Extensions are activated with 1.5.12 on our Windows XP SP2 PCs with roaming profile users. While right-clicking on a drive/file/directory which isn´t on afs-filespace in the explorer let the system freeze for 10-50sec and that can´t be stopped. On files/dirs in AFS filespace there is no delay. This appeared first with 1.5.12 and with some (not all :-( ) roaming profile users. If I deactivate the shell extension with ShellExView, the delay/freeze disappears and everything is back to normal. MfG, Lars Schimmer - -- - - TU Graz, Institut für ComputerGraphik WissensVisualisierung Tel: +43 316 873-5405 E-Mail: [EMAIL PROTECTED] Fax: +43 316 873-5402 PGP-Key-ID: 0x4A9B1723 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFgnVmmWhuE0qbFyMRAl3WAJ9H25DCsAIIL0wAlc3Fp8d7iMWDUgCfa3ra RB8yXgdnblXYwzrCaFtXVuA= =4rvN -END PGP SIGNATURE- ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] Problem compiling OpenAFS 1.5.12 on SUSE 10.2
Hi, I am not able to compile OpenAFS 1.5.12 on Suse 10.2. This is my configuration and the error message I get when compiling: # uname -r 2.6.18.2-34-default # ./configure --with-afs-sysname=i386_linux26 --with-linux-kernel-headers=/usr/src/linux # make compile_et.o: In function `yyerror': compile_et.c:(.text+0x2c): undefined reference to `yylineno' compile_et.o: In function `main': compile_et.c:(.text+0x35a): undefined reference to `yyin' compile_et.c:(.text+0x366): undefined reference to `yyout' compile_et.c:(.text+0x52c): undefined reference to `yyin' compile_et.c:(.text+0xc86): undefined reference to `yyout' error_table.o: In function `yyparse': error_table.c:(.text+0xbef): undefined reference to `yylex' collect2: ld returned 1 exit status make[3]: *** [compile_et] Error 1 make[3]: Leaving directory `/opt/openafs-1.5.12/src/comerr' make[2]: *** [comerr] Error 2 make[2]: Leaving directory `/opt/openafs-1.5.12' make[1]: *** [build] Error 2 make[1]: Leaving directory `/opt/openafs-1.5.12' make: *** [all] Error 2 I googled for the above but couldn't find any solution to this. I.e. flex -l is already used in the configure file for this platform. Any idea? Thanks, Frank ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Problem compiling OpenAFS 1.5.12 on SUSE 10.2
Hi Frank, another person had the same problem than you with Suse 10.2, i compiled version 1.4.2 in Suse 10.1. I recommend you to download the kernel from kernel.org because Novell could have done some customization to the kernel and it may be different than the one from kernel.org. Try the kernel version 2.6.18 and openafs 1.4.2 (stable). The version 1.5.12 is in development. Walter Lamagna On Fri, 2006-12-15 at 16:46 +0100, Frank Winklmeier wrote: Hi, I am not able to compile OpenAFS 1.5.12 on Suse 10.2. This is my configuration and the error message I get when compiling: # uname -r 2.6.18.2-34-default # ./configure --with-afs-sysname=i386_linux26 --with-linux-kernel-headers=/usr/src/linux # make compile_et.o: In function `yyerror': compile_et.c:(.text+0x2c): undefined reference to `yylineno' compile_et.o: In function `main': compile_et.c:(.text+0x35a): undefined reference to `yyin' compile_et.c:(.text+0x366): undefined reference to `yyout' compile_et.c:(.text+0x52c): undefined reference to `yyin' compile_et.c:(.text+0xc86): undefined reference to `yyout' error_table.o: In function `yyparse': error_table.c:(.text+0xbef): undefined reference to `yylex' collect2: ld returned 1 exit status make[3]: *** [compile_et] Error 1 make[3]: Leaving directory `/opt/openafs-1.5.12/src/comerr' make[2]: *** [comerr] Error 2 make[2]: Leaving directory `/opt/openafs-1.5.12' make[1]: *** [build] Error 2 make[1]: Leaving directory `/opt/openafs-1.5.12' make: *** [all] Error 2 I googled for the above but couldn't find any solution to this. I.e. flex -l is already used in the configure file for this platform. Any idea? Thanks, Frank ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info -- ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Problem compiling OpenAFS 1.5.12 on SUSE 10.2
On Fri, 15 Dec 2006, Frank Winklmeier wrote: # make [something happens here. what?] compile_et.o: In function `yyerror': ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Problem compiling OpenAFS 1.5.12 on SUSE 10.2
Hi Derrick, sorry, this is the make command including the error: make[3]: Entering directory `/opt/openafs-1.5.12/src/comerr' case i386_linux26 in \ *_linux* | *_umlinux* ) \ gcc -pipe -O2 -I/opt/openafs-1.5.12/src/config -I. -I. -I/opt/openafs-1.5.12/include -I/opt/openafs-1.5.12/include/afs -I/opt/openafs-1.5.12/include/rx -I/opt/openafs-1.5.12 -I/opt/openafs-1.5.12/src -I/opt/openafs-1.5.12/src -D_LARGEFILE64_SOURCE -o compile_et compile_et.o error_table.o -L/opt/openafs-1.5.12/lib -lafsutil;; \ * ) \ gcc -pipe -O2 -I/opt/openafs-1.5.12/src/config -I. -I. -I/opt/openafs-1.5.12/include -I/opt/openafs-1.5.12/include/afs -I/opt/openafs-1.5.12/include/rx -I/opt/openafs-1.5.12 -I/opt/openafs-1.5.12/src -I/opt/openafs-1.5.12/src -D_LARGEFILE64_SOURCE -o compile_et compile_et.o error_table.o -L/opt/openafs-1.5.12/lib -lafsutil -ll;; \ esac compile_et.o: In function `yyerror': compile_et.c:(.text+0x2c): undefined reference to `yylineno' compile_et.o: In function `main': compile_et.c:(.text+0x35a): undefined reference to `yyin' compile_et.c:(.text+0x366): undefined reference to `yyout' compile_et.c:(.text+0x52c): undefined reference to `yyin' compile_et.c:(.text+0xc86): undefined reference to `yyout' error_table.o: In function `yyparse': error_table.c:(.text+0xbef): undefined reference to `yylex' collect2: ld returned 1 exit status make[3]: *** [compile_et] Error 1 make[3]: Leaving directory `/opt/openafs-1.5.12/src/comerr' make[2]: *** [comerr] Error 2 make[2]: Leaving directory `/opt/openafs-1.5.12' make[1]: *** [build] Error 2 make[1]: Leaving directory `/opt/openafs-1.5.12' make: *** [all] Error 2 Derrick J Brashear wrote: On Fri, 15 Dec 2006, Frank Winklmeier wrote: # make [something happens here. what?] compile_et.o: In function `yyerror': ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] I dont want to receive more fuckin emails please
I can I stop been bothered by these mf?Express yourself instantly with MSN Messenger! MSN Messenger Download today it's FREE! ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Problem compiling OpenAFS 1.5.12 on SUSE 10.2
On Fri, 15 Dec 2006, Frank Winklmeier wrote: Hi Derrick, sorry, this is the make command including the error: cd src/comerr; make clean; make Let us see what's actually happening, instead of just you losing. What version of flex, also, and what does nm error_table.o|grep yylineno and grep yylineno et_lex.lex.c say? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] I dont want to receive more fuckin emails please
On Fri, 15 Dec 2006, Yasser Gutierrez Moreno wrote: I can I stop been bothered by these mf? There's a link at the bottom of every message. It's not just because we had extra bits we needed to clear out now now now. I also prefer getting non-fornicating mail, yet every morning when I wake up the crap sure has multiplied like rabbits in my inbox. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Problem compiling OpenAFS 1.5.12 on SUSE 10.2
Ups, I didn't have flex nor the ncurses libs/headers installed on my system. It compiles now. Sorry for the noise! Frank Derrick J Brashear wrote: On Fri, 15 Dec 2006, Frank Winklmeier wrote: Hi Derrick, sorry, this is the make command including the error: cd src/comerr; make clean; make Let us see what's actually happening, instead of just you losing. What version of flex, also, and what does nm error_table.o|grep yylineno and grep yylineno et_lex.lex.c say? ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Problem compiling OpenAFS 1.5.12 on SUSE 10.2
Walter Lamagna [EMAIL PROTECTED] writes: Hi Frank, another person had the same problem than you with Suse 10.2, i compiled version 1.4.2 in Suse 10.1. I recommend you to download the kernel from kernel.org because Novell could have done some customization to the kernel and it may be different than the one from kernel.org. Try the kernel version 2.6.18 and openafs 1.4.2 (stable). The version 1.5.12 is in development. While that may help with other issues, this problem in particular is unlikely to be a kernel issue. It looks like something is failing between yacc and lex and the rest of the build. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/ ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] Re: pam-afs-session 1.0 released
Russ Allbery [EMAIL PROTECTED] writes: Please let me know of any problems or feature requests not already listed in the TODO file. This is really cool! Is there any straightforward/easy way to integrate this with kstart? For example, if the user in question has a ~/.keytab, then automatically wrap their PAGged-session in an invocation of k5start -UKf ~/.keytab? - a -- PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380 ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] Re: AFS Tokens for Mac GUI 0.4 released
Dave Botsch [EMAIL PROTECTED] writes: https://forge.cornell.edu/sf/projects/afs_tokens Is there any way to acquire tokens for a cell/realm which does not appear in CellServDB? (ie for those of us using AFSDB?) - a ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] question
Yasser Gutierrez Moreno wrote: I just wat to know if the server can be installed on a windows plataform, I herd that its almost impossible, did youever tried?, The problem is that the afs server never reconigsed my ntfs partition. maybe oneof you can help me with this problem The AFS Servers have not been tested on Windows in a very very very long time. If you want to hire me to get them working again, I would be happy to have a reason to try. Jeffrey Altman Secure Endpoints Inc. smime.p7s Description: S/MIME Cryptographic Signature
Re: [OpenAFS] win 1.5.12 shell extension problem
You are sure this problem was not present in 1.5.11? The reason I ask is because there have been no changes to the pioctl or shell extension code in quite some time. Lars Schimmer wrote: Hi! We´ve got some nasty lags while OpenAFS Shell Extensions are activated with 1.5.12 on our Windows XP SP2 PCs with roaming profile users. While right-clicking on a drive/file/directory which isn´t on afs-filespace in the explorer let the system freeze for 10-50sec and that can´t be stopped. On files/dirs in AFS filespace there is no delay. This appeared first with 1.5.12 and with some (not all :-( ) roaming profile users. If I deactivate the shell extension with ShellExView, the delay/freeze disappears and everything is back to normal. MfG, Lars Schimmer ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info smime.p7s Description: S/MIME Cryptographic Signature
[OpenAFS] safe+portable way to determine if byte-range-locking is dangerous?
I'm using sqlite right now -- it's a very tiny embedded databaselet. It's much more like libdb on steroids than, say, Oracle. I would like to store the database file in /afs, provided that 99% of the time only a single process on a single client will be accessing it. By default, sqlite uses byte-range locking to support fairly inefficient sharing of a single database file amongst multiple processes. I plan on contributing code to let it fall back to an (even more inefficient) strategy which relies only on whole-file locking. However, I am faced with a problem: how should the modified sqlite know when to fall back? It can't really link against any afs-specific libraries. Essentially what I want is a way of asking the OS will a byte-range-lock request lie to me? and be very, very, very, very sure that I'm being given the correct answer. Unfortunately it appears that I'm going to have to change the file format in some incompatible way to eliminate the possibility of somebody using a non-afs-aware version of sqlite on a database file which resides in /afs. This might end up being a deal-killer in terms of getting the changes accepted upstream, since sqlite prides itself on a very stable file format. Argh. I guess my real problem is the installed base of sqlite clients that aren't aware that byte-range locking is sometimes unsafe when afs is involved. - a -- PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380 ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] ????? i dont understand
why the afs windows installer has the option of afs server?Express yourself instantly with MSN Messenger! MSN Messenger Download today it's FREE! ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] question
I just wat to know if the server can be installed on a windows plataform, I herd that its almost impossible, did youever tried?, The problem is that the afs server never reconigsed my ntfs partition. maybe oneof you can help me with this problemFREE pop-up blocking with the new MSN Toolbar MSN Toolbar Get it now! ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] ????? i dont understand
Yasser Gutierrez Moreno wrote: why the afs windows installer has the option of afs server? The AFS Server will hopefully work at some point in the future. I suggest you read the Release Notes. That is why they are there. smime.p7s Description: S/MIME Cryptographic Signature
Re: [OpenAFS] Re: pam-afs-session 1.0 released
Adam Megacz [EMAIL PROTECTED] writes: This is really cool! Is there any straightforward/easy way to integrate this with kstart? For example, if the user in question has a ~/.keytab, then automatically wrap their PAGged-session in an invocation of k5start -UKf ~/.keytab? Huh, interesting. I assume that the usage scenario here is that basically you want permanent AFS tokens for a user that you can still invalidate if you need to? Have you considered putting something like: if [ -z $KSTART_RUNNING ] [ -f $HOME/.keytab ] ; then exec k5start -K 30 -Uf $HOME/.keytab -- \ env KSTART_RUNNING=1 $SHELL -l fi in the shell initialization for users? Or actually, that may be too complex; all you may need is to give the user a shell of kstart-shell, where kstart-shell is: #!/bin/sh exec k5start -K 30 -Uf $HOME/.keytab /bin/bash -l or whatever shell you want to use. Although that doesn't let the user pick their own shell as easily. It's difficult to do this from inside a PAM module since the PAM module doesn't have any control over the user's shell, and for ideal k5start behavior (such as automatically exiting when the shell exits) you want to have k5start invoke the shell and watch it. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/ ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] Re: pam-afs-session 1.0 released
Russ Allbery [EMAIL PROTECTED] writes: Huh, interesting. I assume that the usage scenario here is that basically you want permanent AFS tokens for a user that you can still invalidate if you need to? Oh, I hadn't thought of the invalidation aspect. Is there some easy way to do this without that capability that I'm missing? It's difficult to do this from inside a PAM module since the PAM module doesn't have any control over the user's shell, and for ideal k5start behavior (such as automatically exiting when the shell exits) you want to have k5start invoke the shell and watch it. Ah, I see. - a -- PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380 ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] win 1.5.12 shell extension problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jeffrey Altman wrote: You are sure this problem was not present in 1.5.11? The reason I ask is because there have been no changes to the pioctl or shell extension code in quite some time. I am 100% sure it wasn´t present in 1.5.10. And I know I updated a few PCs with 1.5.11 and got no problems told by our customers. They noticed the problem just after the upgrade to 1.5.12 (I updated some other software beside, doesn´t make it easier). So the problematic change could happend after 1.5.10 but wasn´t trapped on the PCs with 1.5.11 in our department. I could try to test it tomorrow, but til yet I don´t have access to a user account on which that happens (I have to wait for monday to be really sure). MfG, Lars Schimmer - -- - - TU Graz, Institut für ComputerGraphik WissensVisualisierung Tel: +43 316 873-5405 E-Mail: [EMAIL PROTECTED] Fax: +43 316 873-5402 PGP-Key-ID: 0x4A9B1723 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) iD8DBQFFgpKFmWhuE0qbFyMRAvMeAJ4q2SqwNjI4en7xpFnZskZqtDpRXACePWvQ AZbiL+F6uxfftMIJCV/dmSA= =gh/N -END PGP SIGNATURE- ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] win 1.5.12 shell extension problem
Lars Schimmer wrote: Jeffrey Altman wrote: You are sure this problem was not present in 1.5.11? The reason I ask is because there have been no changes to the pioctl or shell extension code in quite some time. I am 100% sure it wasn´t present in 1.5.10. And I know I updated a few PCs with 1.5.11 and got no problems told by our customers. They noticed the problem just after the upgrade to 1.5.12 (I updated some other software beside, doesn´t make it easier). So the problematic change could happend after 1.5.10 but wasn´t trapped on the PCs with 1.5.11 in our department. I could try to test it tomorrow, but til yet I don´t have access to a user account on which that happens (I have to wait for monday to be really sure). MfG, Lars Schimmer The last change to the pioctl and AFS Shell Extension code took place in 1.5.8. The change that was made was the implementation of a test to determine if the AFS Client Service was running before attempting to perform a pioctl call to the AFS Client for the purpose of determining whether or not the path is associated with an AFS cell. This change was made in order to ensure that long timeouts do not occur on non-folders when the AFS Client Service is disabled. Jeffrey Altman ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: pam-afs-session 1.0 released
Adam Megacz [EMAIL PROTECTED] writes: Russ Allbery [EMAIL PROTECTED] writes: Huh, interesting. I assume that the usage scenario here is that basically you want permanent AFS tokens for a user that you can still invalidate if you need to? Oh, I hadn't thought of the invalidation aspect. Is there some easy way to do this without that capability that I'm missing? Sure, increase the ticket lifetime to something incredibly high. I'm not sure what the maximum ticket lifetime is, but I know it's at least several weeks and I think more than that. The problem with just increasing the ticket lifetime is that you can't do anything about those issued tickets once they're out there until they expire. The advantage of forcing either a reauthentication or a renewal is that then you can deactivate the account and have that take effect within a reasonable amount of time. Another possibility would be to use a regular ticket lifetime but increase the maximum renewable lifetime to something like a year, and then just background a krenew process for users when they log in. Although you'd still have the problem of getting rid of it when they log out properly unless it was the parent of the shell. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/ ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] safe+portable way to determine if byte-range-locking is dangerous?
Adam Megacz [EMAIL PROTECTED] writes: To: openafs-info@openafs.org From: Adam Megacz [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Subject: [OpenAFS] safe+portable way to determine if byte-range-locking is dangerous? Date: Fri, 15 Dec 2006 10:04:02 -0800 I'm using sqlite right now -- it's a very tiny embedded databaselet. It's much more like libdb on steroids than, say, Oracle. I would like to store the database file in /afs, provided that 99% of the time only a single process on a single client will be accessing it. By default, sqlite uses byte-range locking to support fairly inefficient sharing of a single database file amongst multiple processes. I plan on contributing code to let it fall back to an (even more inefficient) strategy which relies only on whole-file locking. However, I am faced with a problem: how should the modified sqlite know when to fall back? It can't really link against any afs-specific libraries. Essentially what I want is a way of asking the OS will a byte-range-lock request lie to me? and be very, very, very, very sure that I'm being given the correct answer. Unfortunately it appears that I'm going to have to change the file format in some incompatible way to eliminate the possibility of somebody using a non-afs-aware version of sqlite on a database file which resides in /afs. This might end up being a deal-killer in terms of getting the changes accepted upstream, since sqlite prides itself on a very stable file format. Argh. I guess my real problem is the installed base of sqlite clients that aren't aware that byte-range locking is sometimes unsafe when afs is involved. ... Does sqlite make any attempt today to see if byte range locking works, and have logic to fall back to something else if it's not there? Does sqlite have any afs-aware logic today? I can't answer for the sqlite end as to what exactly would be acceptable to those folks, but I suspect they'd be most happy with a very portable non-specific type of fix - in this context, it should probably be something that can tailor itself at runtime to what the local filesystem provides. I don't think afs has any way today to indicate what sort of locking behavior it has. The only way is to try it see. I think, though, that it might be simple enough to add a mechanism that would communicate in some non-afs fashion whether locking works. A simple fashion might be some equivalent to fs setcrypt that toggled AFS lies about locking behavior. A slightly more comprehensive solution would be to make this per-pag so that different users or runtime environments could have different behavior. (Making fs setcrypt work this way might be interesting as well.) There is some effort underway to improve locking behavior in AFS. Today, AFS byte ranges can in some cases work on the local workstation, but not to other workstations. There's some work underway (mostly planning today) to make this inter-workstation (server-based) as well. That means at some point in the future, you may be looking at an array of possible behavior from AFS: global whole-file locking only. local byte-ranges, global whole-file locking. local global byte ranges. x client lies to the application client tells the truth to the application x possible per-cell, per file-server, and/or per-pag differences in behavior -Marcus ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: AFS Tokens for Mac GUI 0.4 released
With kerberos 5, you either must have the KDC for the realm in /etc/krb5.conf or the MS Kerberos extensions for DNS might work if used. Assuming CellServDB/krb5.conf or DNS krb/AFSDB are enabled, then kinit [EMAIL PROTECTED] , then aklog -cell REALM.com or klog -cell REALM.com many of the AFS commands have a -cell option to specify foreign cells. Jason Adam Megacz wrote: Dave Botsch [EMAIL PROTECTED] writes: https://forge.cornell.edu/sf/projects/afs_tokens Is there any way to acquire tokens for a cell/realm which does not appear in CellServDB? (ie for those of us using AFSDB?) - a ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] Re: safe+portable way to determine if byte-range-locking is dangerous?
Marcus Watts [EMAIL PROTECTED] writes: Does sqlite make any attempt today to see if byte range locking works, Sure -- it checks whether fcntl(fd,F_SETLK,flock)==0. ...unless you mean actually checking at runtime to see if it's possible to violate a lock that has been granted. Interesting. This is the most promising suggestion I've heard so far. I'm going to run this by the sqlite people. Does sqlite have any afs-aware logic today? I am interested in adding such logic, but there are a number of factors that might prevent my changes from having any hope of being accepted upstream. But the autoconf-style don't believe it until you witness it approach sounds very promising. - a -- PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380 ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: safe+portable way to determine if byte-range-locking is dangerous?
Adam Megacz [EMAIL PROTECTED] writes: Marcus Watts [EMAIL PROTECTED] writes: Does sqlite make any attempt today to see if byte range locking works, Sure -- it checks whether fcntl(fd,F_SETLK,flock)==0. ...unless you mean actually checking at runtime to see if it's possible to violate a lock that has been granted. Interesting. This is the most promising suggestion I've heard so far. I'm going to run this by the sqlite people. I thought, on Linux at least, that some combination of the cache manager and the generic file system layer caused byte-range locking to work on the local host even though other hosts wouldn't see the lock. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/ ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] Re: AFS Tokens for Mac GUI 0.4 released
Jason Edgecombe [EMAIL PROTECTED] writes: Assuming CellServDB/krb5.conf or DNS krb/AFSDB are enabled, then kinit [EMAIL PROTECTED] , then aklog -cell REALM.com or klog -cell REALM.com My question was whether or not you could do this within the AFS Tokens for Mac GUI mentioned in the subject line. many of the AFS commands have a -cell option to specify foreign cells. Jason Adam Megacz wrote: Dave Botsch [EMAIL PROTECTED] writes: https://forge.cornell.edu/sf/projects/afs_tokens Is there any way to acquire tokens for a cell/realm which does not appear in CellServDB? (ie for those of us using AFSDB?) - a ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info -- PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380 ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] What changed after 1.4.1?
Sorry, I had finals... This is going to sound lame, but how do I do this? Windows is not letting me even after I stop the restart and stop the service (from another machine with out logining in to the destination machine). On 12/13/06, Jeffrey Altman [EMAIL PROTECTED] wrote: If you manually replace the %WinDir%\System32\afslogon.dll with the 1.4.1 version, are you able to successfully authenticate?
Re: [OpenAFS] What changed after 1.4.1?
The file is not part of the AFS Service. Its part of the Windows LSA. Rename the file, copy the new version in, reboot the machine Andrew Radamis wrote: Sorry, I had finals... This is going to sound lame, but how do I do this? Windows is not letting me even after I stop the restart and stop the service (from another machine with out logining in to the destination machine). On 12/13/06, *Jeffrey Altman* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: If you manually replace the %WinDir%\System32\afslogon.dll with the 1.4.1 version, are you able to successfully authenticate? smime.p7s Description: S/MIME Cryptographic Signature
