Re: [OpenAFS] Access Denied with OA 1.7 and Win XP SP3
Hi, On Mon, Dec 02, 2013 at 02:26:14PM -0500, Jeffrey Altman wrote: > On 12/2/2013 3:33 AM, Frank Burkhardt wrote: > > Hello Jeffrey, > > > > On Thu, Nov 28, 2013 at 02:49:39PM -0500, Jeffrey Altman wrote: > >> Frank, > >> > >> A quick test from an XP SP3 system upgraded from 1.6.1 to 1.7.28. > >> Using a "Limited user" local account I am able to access AFS from > >> cmd.exe using both UNC paths and NET USE mapped drive letters. > >> > >> Your description of the problem is quite lacking in details so it is > >> impossible for me to determine whether or not I have an appropriate test > >> case. [snip] > "Domain User" or "Local User"? Both. It doesn't work as long they are not administrators. > If domain user, does the user have persistent drive letter mappings to > \\AFS via the "Microsoft Network" in the user's profile? No. A single drive mapping to afs is created for domain users via a logon script: net use f: \\afs\cbs.mpg.de However, accessing AFS via UNC doesn't work either. Best, Frank Burkhardt ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: How to remove a bogus (127.0.1.1) server entry for readonly volume?
> All of the places in the code tree that filter eventually test each > address with rx_IsLoopbackAddr() which is defined in rx.h. When I look at vos.c, then I find GetServer which uses rx_IsLoopbackAddr. Now let's assume we feed that something that resolves to loopback. That will be detected at #1, and as a second route we look up the local hostname we are on. But if that at #2 is STILL loopback, that goes through at #3... GetServer(char *aname) { struct hostent *th; afs_uint32 addr; /* in network byte order */ afs_int32 code; char hostname[MAXHOSTCHARS]; if ((addr = GetServerNoresolve(aname)) == 0) { th = gethostbyname(aname); if (!th) return 0; memcpy(&addr, th->h_addr, sizeof(addr)); } if (rx_IsLoopbackAddr(ntohl(addr))) { /* local host */ #1 code = gethostname(hostname, MAXHOSTCHARS); if (code) return 0; th = gethostbyname(hostname); #2 if (!th) return 0; memcpy(&addr, th->h_addr, sizeof(addr)); #3 } return (addr); } I think there should be a "is this still $#%^&* a loopback addr" test just before return(addr). Does that sound correct? Harald. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
[OpenAFS] Question about how to use vos shadow
Am am experimenting with vos shadow, and # vos shadow H.haba.test.alanine -fromserver beef.stacken.kth.se -frompartition c -toserver bananshake.stacken.kth.se -topartition a -local -verbose works as expected # vos listvol bananshake Total number of volumes on server bananshake partition /vicepa: 1 H.haba.test.alanine 536901865 RO 1544 K On-line (and nothing in the VLDB about it). However, when I try do make shadow readonly vols or shadow vols which are readonly, I'm not as successful: # vos shadow H.haba.test.alanine -fromserver beef.stacken.kth.se -frompartition c -toserver bananshake.stacken.kth.se -topartition a -toname H.haba.test.alanine.readonly -readonly -local -verbose vos: the name of the root volume H.haba.test.alanine.readonly exceeds the size limit of 22 (I would like to that this would result in the same result as if I would do a addsite, release, remsite which would leave a "stranded" unknown readonly copy with the .readonly suffix on the added server) Then am I right, that -toname in this kind of usage has to be used together with -toid because vos shadow can not make up an ID in the VLDB for something that then should not exist in the VLDB? # vos shadow H.haba.test.alanine -fromserver beef.stacken.kth.se -frompartition c -toserver bananshake.stacken.kth.se -topartition a -toname X.haba.test.alanine -readonly -local -verbose VLDB: no such entry Harald. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Re: How to remove a bogus (127.0.1.1) server entry for readonly volume?
On 12/13/2013 9:16 AM, Harald Barth wrote: > Btw, this is > # rxdebug localhost -v > Trying 127.0.0.1 (port 7000): > AFS version: OpenAFS 1.6.1-3+deb7u1-debian built 2013-07-25 > > And I have not found where this filtering of 127/something actually > takes place. Pointers welcome. All of the places in the code tree that filter eventually test each address with rx_IsLoopbackAddr() which is defined in rx.h. smime.p7s Description: S/MIME Cryptographic Signature
Re: [OpenAFS] Re: How to remove a bogus (127.0.1.1) server entry for readonly volume?
My test: # cat /etc/hosts 127.0.0.1 localhost 127.0.1.1 bananshake.stacken.kth.se bananshake # bos restart bananshake -local -all # cat FileLog ... Fri Dec 13 14:38:18 2013 Getting FileServer address... Fri Dec 13 14:38:18 2013 FileServer bananshake.stacken.kth.se has address 127.0.1.1 (0x101007f or 0x7f000101 in host byte order) Fri Dec 13 14:38:18 2013 File Server started Fri Dec 13 14:38:18 2013 ... So the server thinks somewhere it is 127.0.1.1, but is this message bogus as it would be more interresting to know which addresses the file server actually registered in the db. When I check, it has not registered it in the address list, bananshake is still with only one IP under UUID 007cadf8-b425-124e-91-2e-e8eded82aa77: # vos listaddr -local -printuuid -nores -noauth -c stacken.kth.se UUID: 000a40c4-cfeb-1228-b1-12-0101007faa77 130.237.234.220 UUID: 00230816-42a1-1361-ae-c3-2ceaed82aa77 130.237.234.101 UUID: 00438a50-e3e5-115d-8f-56-d8eaed82aa77 130.237.234.216 UUID: 0047a130-223f-1244-9b-0b-0101007faa77 130.237.234.151 UUID: 003f1f1a-0189-106e-b6-45-0101007faa77 130.237.234.150 UUID: 007cadf8-b425-124e-91-2e-e8eded82aa77 130.237.237.232 Nevertheless you can create volumes: # vos create bananshake a -name broken.volume -local -verbose Volume broken.volume 536911797 created and brought online Created the VLDB entry for the volume broken.volume 536911797 Volume 536911797 created on partition /vicepa of bananshake # vos listvldb -server bananshake.stacken.kth.se -nores vsu_ClientInit: Could not get afs tokens, running unauthenticated. VLDB entries for server bananshake.stacken.kth.se broken.volume RWrite: 536911797 number of sites -> 1 server 127.0.1.1 partition /vicepa RW Site Total entries: 1 To clean up I did a vos remove -id 536911797 -local as I knew that it was a throwaway volume which makes it easier than if you want only to remove one replica. Btw, this is # rxdebug localhost -v Trying 127.0.0.1 (port 7000): AFS version: OpenAFS 1.6.1-3+deb7u1-debian built 2013-07-25 And I have not found where this filtering of 127/something actually takes place. Pointers welcome. Harald. ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info