Re: [OpenAFS] Re: build error when linking with heimdal-dev (Re: [OpenAFS] bosserver -noauth& changes cell to localcell)

[Ted Creedon]

1. Create default ThisCell/CellServDB files in the path the servers expect.
yes
2. Use asetkey to create the KeyFile/KeyFileEx
yes
3. Start the bosserver (without -noauth)
yes and it exits here
4. Run authenticated bos to setup the cellname, hosts, and superusers
never gets this far


From: Michael Meffie <mmef...@sinenomine.net>
Sent: Friday, April 14, 2017 10:37 AM
To: Ted Creedon
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] Re: build error when linking with heimdal-dev (Re: 
[OpenAFS] bosserver -noauth& changes cell to localcell)

On Fri, 14 Apr 2017 02:51:45 +
Ted Creedon <tcree...@easystreet.net> wrote:

> The strace is ~ 40 lines long & is useless..
>
> what (dir, file) permissions are required?
>
> I'd suggest removing any cell improvements since the error messages are 
> misleading.

Hi Ted,

The feature Jeff described, in which the bosserver creates a default cell
configuration if it is missing, is not a new feature. It's been present since
OpenAFS 1.0.  Basically, the bosserver will create a ThisCell/CellServDB file
with default values if they are not present.  Perhaps something else is setting
those default values. Are you running some scripts or something else?

By the way, the -noauth flag isn't normally needed any longer for setting up a
new cell. It was useful back in the kaserver days, since you needed -noauth to
create the service keys with kaserver, but in a modern setup, you do not need
-noauth if you set the service key before you start the bosserver.

You can set the key with asetkey before running the bosserver. However, one
minor complication; in the current releases (and master) asetkey does require
the cell configuration to be present (CellServDB/ThisCell). They can be default
values for asetkey.

You can do the following:

1. Create default ThisCell/CellServDB files in the path the servers expect.
2. Use asetkey to create the KeyFile/KeyFileEx
3. Start the bosserver (without -noauth)
4. Run authenticated bos to setup the cellname, hosts, and superusers

Thanks,
Mike

--
Michael Meffie <mmef...@sinenomine.net>
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: build error when linking with heimdal-dev (Re: [OpenAFS] bosserver -noauth& changes cell to localcell)

[Ted Creedon]

The strace is ~ 40 lines long & is useless..

what (dir, file) permissions are required?

I'd suggest removing any cell improvements since the error messages are 
misleading.

ted

From: Benjamin Kaduk <ka...@mit.edu>
Sent: Thursday, April 13, 2017 7:11 PM
To: Ted Creedon
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] Re: build error when linking with heimdal-dev (Re: 
[OpenAFS] bosserver -noauth& changes cell to localcell)

On Thu, Apr 13, 2017 at 10:39:26PM +0000, Ted Creedon wrote:
> anyway just to get something that compiles
> git clone https://github.com/openafs/openafs.git (openafs 1.8.0pre1-41-g6b7b4)
>
> so 1.8 compiles but  still changes ThisCell & CelllServDB to localcell after 
> setting to creedon.biz
>
> I have no idea why this happens.

CreateLocalCellConfig() does so; it is called if afsconf_Open()
fails for the server configuration directory, presumably intended as
an aid to first-time administrators.
Showing a complete strace log of the failed run would probably
indicate why, but would requre the entire log, which would mean it
is a large file.  Just exerpts are unlikely to suffice.

-Ben

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: build error when linking with heimdal-dev (Re: [OpenAFS] bosserver -noauth& changes cell to localcell)

[Ted Creedon]

anyway just to get something that compiles
git clone https://github.com/openafs/openafs.git (openafs 1.8.0pre1-41-g6b7b4)

so 1.8 compiles but  still changes ThisCell & CelllServDB to localcell after 
setting to creedon.biz

I have no idea why this happens. 

tedc

From: Jeffrey Altman <jalt...@auristor.com>
Sent: Thursday, April 13, 2017 1:38:25 PM
To: Michael Meffie
Cc: Ted Creedon; openafs-info@openafs.org
Subject: Re: [OpenAFS] Re: build error when linking with heimdal-dev (Re: 
[OpenAFS] bosserver -noauth& changes cell to localcell)

On 4/13/2017 4:08 PM, Michael Meffie wrote:
> On Thu, 13 Apr 2017 15:31:39 -0400
> Michael Meffie <mmef...@sinenomine.net> wrote:
>
>> On Thu, 13 Apr 2017 16:58:57 +
>> Ted Creedon <tcree...@easystreet.net> wrote:
>>
>>> Looks like the compile failure is described in:
>>> https://lists.openafs.org/pipermail/openafs-info/2016-August/041890.html
>>>
>>> trying to figure that  out now.
>>
>
> Hello Ted,
>
> Does your build work if you manually change the following line in
> src/config/Makefile.config  (*after* running ./configure)
>
> KRB5_LIBS = -L/usr/lib/x86_64-linux-gnu/heimdal -lkrb5
>
> to:
>
> KRB5_LIBS = -L/usr/lib/x86_64-linux-gnu/heimdal -lkrb5 -lasn1
>
> It looks like we need to add -lasn1 anywhere libauth.a is linked (when using
> heimdal libs). Currently that is only done when building aklog.

That is an incorrect fix. -lasn1 should neither be added for aklog nor
libauth.

akimpersonate_v5gen.c is wrong in the Heimdal case.  It is making direct
usage of Heimdal ASN1 macros when it should be following the model used
for rxkad.  I'm not entirely sure why akimpersonate has its own v5gen
source files.

Jeffrey Altman

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] bosserver -noauth& changes cell to localcell

[Ted Creedon]

Looks like the compile failure is described in:
https://lists.openafs.org/pipermail/openafs-info/2016-August/041890.html

trying to figure that  out now.

ted

From: Ted Creedon
Sent: Thursday, April 13, 2017 9:41:01 AM
To: Jeffrey Altman; openafs-info@openafs.org
Subject: Re: [OpenAFS] bosserver -noauth& changes cell to localcell

Sorry 1.6.20.1, looks like the dyndns setup evaporated

however after updating to heimdal-7.2.0:

ookpik:/data/openafs-1.6.20.1 # time nice make -s
+ case amd64_linux26 in
+ case amd64_linux26 in
+ case amd64_linux26 in
+ case amd64_linux26 in
+ case amd64_linux26 in
+ case amd64_linux26 in
/usr/lib64/gcc/x86_64-suse-linux/4.8/../../../../x86_64-suse-linux/bin/ld: 
/data/openafs-1.6.20.1/lib/libauth.a(akimpersonate.o): undefined reference to 
symbol 'encode_EncTicketPart@@HEIMDAL_ASN1_1.0'
/usr/heimdal/lib64/libasn1.so.8: error adding symbols: DSO missing from command 
line
collect2: error: ld returned 1 exit status
Makefile:99: recipe for target 'ptserver' failed
make[3]: *** [ptserver] Error 1
Makefile:237: recipe for target 'ptserver' failed
make[2]: *** [ptserver] Error 2
Makefile:694: recipe for target 'build' failed
make[1]: *** [build] Error 2
Makefile:36: recipe for target 'all' failed
make: *** [all] Error 2



From: openafs-info-ad...@openafs.org <openafs-info-ad...@openafs.org> on behalf 
of Jeffrey Altman <jalt...@auristor.com>
Sent: Wednesday, April 12, 2017 8:41:54 PM
To: openafs-info@openafs.org
Subject: Re: [OpenAFS] bosserver -noauth& changes cell to localcell

On 4/12/2017 8:43 PM, Ted Creedon wrote:
> anyone know why executing bosserver -noauth& overwrites cellname.com in 
> ThisCell & CellServDB with localcell?
>
> thanks
>
> tedc


You didn't say which version of OpenAFS you are using but when 1.6.x
bosserver is executed and its attempt to load a valid configuration
fails, it then attempts to create a valid configuration.

  src/bozo/bosserver.c line 1032 of openafs-stable-1_6_x

Jeffrey Altman

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] bosserver -noauth& changes cell to localcell

[Ted Creedon]

Sorry 1.6.20.1, looks like the dyndns setup evaporated

however after updating to heimdal-7.2.0:

ookpik:/data/openafs-1.6.20.1 # time nice make -s
+ case amd64_linux26 in
+ case amd64_linux26 in
+ case amd64_linux26 in
+ case amd64_linux26 in
+ case amd64_linux26 in
+ case amd64_linux26 in
/usr/lib64/gcc/x86_64-suse-linux/4.8/../../../../x86_64-suse-linux/bin/ld: 
/data/openafs-1.6.20.1/lib/libauth.a(akimpersonate.o): undefined reference to 
symbol 'encode_EncTicketPart@@HEIMDAL_ASN1_1.0'
/usr/heimdal/lib64/libasn1.so.8: error adding symbols: DSO missing from command 
line
collect2: error: ld returned 1 exit status
Makefile:99: recipe for target 'ptserver' failed
make[3]: *** [ptserver] Error 1
Makefile:237: recipe for target 'ptserver' failed
make[2]: *** [ptserver] Error 2
Makefile:694: recipe for target 'build' failed
make[1]: *** [build] Error 2
Makefile:36: recipe for target 'all' failed
make: *** [all] Error 2



From: openafs-info-ad...@openafs.org <openafs-info-ad...@openafs.org> on behalf 
of Jeffrey Altman <jalt...@auristor.com>
Sent: Wednesday, April 12, 2017 8:41:54 PM
To: openafs-info@openafs.org
Subject: Re: [OpenAFS] bosserver -noauth& changes cell to localcell

On 4/12/2017 8:43 PM, Ted Creedon wrote:
> anyone know why executing bosserver -noauth& overwrites cellname.com in 
> ThisCell & CellServDB with localcell?
>
> thanks
>
> tedc


You didn't say which version of OpenAFS you are using but when 1.6.x
bosserver is executed and its attempt to load a valid configuration
fails, it then attempts to create a valid configuration.

  src/bozo/bosserver.c line 1032 of openafs-stable-1_6_x

Jeffrey Altman

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] bosserver -noauth& changes cell to localcell

[Ted Creedon]

anyone know why executing bosserver -noauth& overwrites cellname.com in 
ThisCell & CellServDB with localcell?

thanks

tedc___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] Xeon PHI port

[Ted Creedon]

Intel is planning a bootable XeonPhi 244? thread cpu. Is anyone aware of/or has 
 ideas on an OPENMP version of AFS? I expect 16gb of McDRAM onboard.

Tedc___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Weirdness after 'vos move's - core files?

[Ted Creedon]

Why not set it up in IBM's Eclipse CDT & debug it?

From: openafs-info-ad...@openafs.org  on behalf 
of Benjamin Kaduk 
Sent: Sunday, February 19, 2017 9:25:24 PM
To: Garance A Drosehn
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] Weirdness after 'vos move's - core files?

On Sun, Feb 19, 2017 at 11:49:40AM -0500, Garance A Drosehn wrote:
>
> Is there something I could do with those core files which would help to
> figure out what the problem is with this file server?  I also have
> plenty of log files, if those would provide some clues.

Well, it's not entirely clear.  One could of course load them up in
gdb and see what the backtrace looks like, of course, but given the
described behavior, if I was in this situation, I would be looking
at hardware diagnostics on this machine (memtest86, SMART output,
bonnie++, etc.).  I do not believe that openafs is expected to be
particularly robust against failing hardware...

-Ben
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Is the OpenAFS-info mailing list still working?

[Ted Creedon]

worse than that, something is marking my messages to openafs-info as spam.

this is the  only website that this occurs on.

tedc

From: openafs-info-ad...@openafs.org  on behalf 
of Garance A Drosehn 
Sent: Sunday, February 19, 2017 8:55:10 AM
To: openafs-info@openafs.org
Subject: Re: [OpenAFS] Is the OpenAFS-info mailing list still working?

On 19 Feb 2017, at 11:33, Jeffrey Altman wrote:

> On 2/19/2017 11:19 AM, Garance A Drosehn wrote:
>> Hi.  On the last few messages I've sent to openafs-info@, the mailing
>> list does not send me a copy of the email that I sent.  Looking back
>> at older emails, the mailing list did always send me a copy.
>>
>> I do see that my messages show up at:
>>   https://lists.openafs.org/pipermail/openafs-info/2017-February/date.html
>>
>> so the mailing list isn't completely broken.  But is there something
>> odd going on with it?
>>
>
> Most likely the rpi.edu mail server is blocking mail that has an rpi.edu
> from address but was not sent from one of the approved rpi.edu mail
> servers as listed in the rpi.edu TXT record
>
> "v=spf1 ip4:128.113.2.225/29 ip4:128.113.2.231 ip4:128.113.2.232
> ip4:128.113.2.233 ip4:128.113.26.109 -all"
>
> Since the mailing list mail does not originate from one of the approved
> mail servers it is blocked.
>
> The mailing list is not broken.

Okay, that seems likely.  I believe we have made changes on our mail
server in the last two months.  It's pretty likely that this the first
time I've sent a message to this list since those changes.  Thanks!

--
Garance Alistair Drosehn= dro...@rpi.edu
Senior Systems Programmer   or   g...@freebsd.org
Rensselaer Polytechnic Institute; Troy, NY;  USA
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] OpenAFS 1.6.20.1 on AIX 7.1

[Ted Creedon]

Hardware + software

Russ stated that the PPC arch. would be best  .


Tedc

From: openafs-info-ad...@openafs.org <openafs-info-ad...@openafs.org> on behalf 
of Dave Botsch <bot...@cnf.cornell.edu>
Sent: Friday, February 10, 2017 9:24:08 AM
To: openafs-info@openafs.org
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] OpenAFS 1.6.20.1 on AIX 7.1

Hi, Tedd.

As I understand it, the ask from IBM would be for the donation of one
AIX license for the purposes of an OpenAFS buildbot?

I'm not finding anything from Russ in this thread.

Thanks.

On Wed, Feb 08, 2017 at 11:04:51PM +, Ted Creedon wrote:
> 1. I'l be willing to plead our case w/IBM, any shortcut names/emails?
> 2. What is the desired configuration (hw & sw)?
> 3. N.b I'm on a comcast dhcp line, fast & stable as long as there are no 24 
> hr shutdowns, I use dyndns to host my domain creedon.biz.
> 4. I have several boxen on an 3KVA UPS - works fine, lots of power avail.
> 5. My shop has A/C so servers  run continuously 24/7 year 'round.
> 6. After Russ's comments is it all going to  be worthwhile?
> 7. I have 3 afs servers on line (well as soon as  I can get afs re-installed)
> 8. I have geronimo.creedon.biz as a  spare build machine.
> time nice make -j500 takes 30 sec.  Its a duplicate of ookpik.creedon.biz 
> dual xeon 64Gig, etc).
> (ookpik has a xeon phi board installed if anyone wants to play).
> 9. I built/maintain all my own servers (since 1967).
> 10. Backups are the user's resp. although my servers could easily host 
> another afs domain.
>
> 
> From: openafs-info-ad...@openafs.org <openafs-info-ad...@openafs.org> on 
> behalf of Dave Botsch <bot...@cnf.cornell.edu>
> Sent: Wednesday, February 8, 2017 10:22:54 AM
> To: openafs-info@openafs.org
> Subject: Re: [OpenAFS] OpenAFS 1.6.20.1 on AIX 7.1
>
> Hi, Ted et al.
>
> Please see below...
>
> On Mon, Feb 06, 2017 at 09:25:35PM +, Ted Creedon wrote:
> > I just happen to have a spare dual xeon 64gb linux box that could be made 
> > available.
> > and smaller MAC w/ parallels on it.
> >
> > I also have a dual 64gb xeon w/ a xeon phi card in it too. cost ~$3K
> >
> > with a little effort...
> >
> > IBM generally  waives license fees for non profits.
> > tedc
> >
>
> If you are willing to host on the HW mentioned above, as a non-profit,
> the Foundation can certainly make the ask of IBM. We would just need a
> bit more detail on the exact ask.
>
>
> > If what you meant was for the foundation
> > itself to pay for virtual build servers,
> > all that takes if for the foundation to
> > decide to spend real money.  I presume
> > they have considered that, but it might
> > be worth asking the question explicitly
> > if it has not been explicitly answered
> > (I really have not been following the
> > foundations activities).
> >
>
> W.r.t. build hosts, we've been working with folk on attempting to get a
> Windows build host or two up. Now that we are into Feb 2017, I need to
> follow up on those efforts.
>
> If there's an ask for the Foundation to spend $$ on something
> particular, be it build hosts, or even hiring someone to work on, say,
> the AIX port, please submit a formal ask to foundat...@openafs.org .
> Contigent on funds, we will really consider it. And, donating any type
> of funding towards this (for example, your org donates a $10K stipend
> towards us hiring an independant contractor to work on AIX would go a
> long way).
>
> Thanks.
>
> > It might not even cost a lot (as I recall,
> > there are various on-demand builder
> > spin-up capabilities in at least some
> > SCMs so it is free until the commit),
> > but it is all work someone would have
> > to research.
> --
> 
> David William Botsch
> OpenAFS Foundation Board
> bot...@cnf.cornell.edu
> 
> ___
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
> ___
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info

--

David William Botsch
Programmer/Analyst
@CNFComputing
bot...@cnf.cornell.edu

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] OpenAFS 1.6.20.1 on AIX 7.1

[Ted Creedon]

1. I'l be willing to plead our case w/IBM, any shortcut names/emails?
2. What is the desired configuration (hw & sw)?
3. N.b I'm on a comcast dhcp line, fast & stable as long as there are no 24 hr 
shutdowns, I use dyndns to host my domain creedon.biz.
4. I have several boxen on an 3KVA UPS - works fine, lots of power avail.
5. My shop has A/C so servers  run continuously 24/7 year 'round.
6. After Russ's comments is it all going to  be worthwhile?
7. I have 3 afs servers on line (well as soon as  I can get afs re-installed)
8. I have geronimo.creedon.biz as a  spare build machine.
time nice make -j500 takes 30 sec.  Its a duplicate of ookpik.creedon.biz dual 
xeon 64Gig, etc).
(ookpik has a xeon phi board installed if anyone wants to play).
9. I built/maintain all my own servers (since 1967).
10. Backups are the user's resp. although my servers could easily host another 
afs domain.


From: openafs-info-ad...@openafs.org <openafs-info-ad...@openafs.org> on behalf 
of Dave Botsch <bot...@cnf.cornell.edu>
Sent: Wednesday, February 8, 2017 10:22:54 AM
To: openafs-info@openafs.org
Subject: Re: [OpenAFS] OpenAFS 1.6.20.1 on AIX 7.1

Hi, Ted et al.

Please see below...

On Mon, Feb 06, 2017 at 09:25:35PM +, Ted Creedon wrote:
> I just happen to have a spare dual xeon 64gb linux box that could be made 
> available.
> and smaller MAC w/ parallels on it.
>
> I also have a dual 64gb xeon w/ a xeon phi card in it too. cost ~$3K
>
> with a little effort...
>
> IBM generally  waives license fees for non profits.
> tedc
>

If you are willing to host on the HW mentioned above, as a non-profit,
the Foundation can certainly make the ask of IBM. We would just need a
bit more detail on the exact ask.


> If what you meant was for the foundation
> itself to pay for virtual build servers,
> all that takes if for the foundation to
> decide to spend real money.  I presume
> they have considered that, but it might
> be worth asking the question explicitly
> if it has not been explicitly answered
> (I really have not been following the
> foundations activities).
>

W.r.t. build hosts, we've been working with folk on attempting to get a
Windows build host or two up. Now that we are into Feb 2017, I need to
follow up on those efforts.

If there's an ask for the Foundation to spend $$ on something
particular, be it build hosts, or even hiring someone to work on, say,
the AIX port, please submit a formal ask to foundat...@openafs.org .
Contigent on funds, we will really consider it. And, donating any type
of funding towards this (for example, your org donates a $10K stipend
towards us hiring an independant contractor to work on AIX would go a
long way).

Thanks.

> It might not even cost a lot (as I recall,
> there are various on-demand builder
> spin-up capabilities in at least some
> SCMs so it is free until the commit),
> but it is all work someone would have
> to research.
--

David William Botsch
OpenAFS Foundation Board
bot...@cnf.cornell.edu

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] OpenAFS 1.6.20.1 on AIX 7.1

[Ted Creedon]

can you fix this error? [This sender failed our fraud detection checks and may 
not be who they appear to be. Learn about spoofing at 
http://aka.ms/LearnAboutSpoofing]


From: openafs-info-ad...@openafs.org <openafs-info-ad...@openafs.org> on behalf 
of Ted Creedon <tcree...@easystreet.net>
Sent: Monday, February 6, 2017 1:25 PM
To: openafs-info@openafs.org
Subject: Re: [OpenAFS] OpenAFS 1.6.20.1 on AIX 7.1

[This sender failed our fraud detection checks and may not be who they appear 
to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing]

I just happen to have a spare dual xeon 64gb linux box that could be made 
available.
and smaller MAC w/ parallels on it.

I also have a dual 64gb xeon w/ a xeon phi card in it too. cost ~$3K

with a little effort...

IBM generally  waives license fees for non profits.
tedc


From: Gary Buhrmaster <gary.buhrmas...@gmail.com>
Sent: Monday, February 6, 2017 10:24 AM
To: Ted Creedon
Subject: Re: [OpenAFS] OpenAFS 1.6.20.1 on AIX 7.1

On Mon, Feb 6, 2017 at 5:34 PM, Ted Creedon <tcree...@easystreet.net> wrote:
> why not use vm's for all non linux builds?

If what you meant was for the foundation
itself to pay for virtual build servers,
all that takes if for the foundation to
decide to spend real money.  I presume
they have considered that, but it might
be worth asking the question explicitly
if it has not been explicitly answered
(I really have not been following the
foundations activities).

It might not even cost a lot (as I recall,
there are various on-demand builder
spin-up capabilities in at least some
SCMs so it is free until the commit),
but it is all work someone would have
to research.

I would not be at all surprised if the
commercial companies providing support
have not already moved in the direction
of cloud based virtual builders (makes
little sense to own a $10K server for
occasional builds), but that is for their
own customers.

If you mean architecture emulation, it can
be very slow (although might be acceptable),
but the bigger problem may be licensing of
the OS and the compilers.  Last I knew
AIX (where this started) is licensed software,
and so is XLC (if using the IBM compiler
is required for kernel modules).
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] OpenAFS 1.6.20.1 on AIX 7.1

[Ted Creedon]

I just happen to have a spare dual xeon 64gb linux box that could be made 
available.
and smaller MAC w/ parallels on it.

I also have a dual 64gb xeon w/ a xeon phi card in it too. cost ~$3K

with a little effort...

IBM generally  waives license fees for non profits.
tedc


From: Gary Buhrmaster <gary.buhrmas...@gmail.com>
Sent: Monday, February 6, 2017 10:24 AM
To: Ted Creedon
Subject: Re: [OpenAFS] OpenAFS 1.6.20.1 on AIX 7.1

On Mon, Feb 6, 2017 at 5:34 PM, Ted Creedon <tcree...@easystreet.net> wrote:
> why not use vm's for all non linux builds?

If what you meant was for the foundation
itself to pay for virtual build servers,
all that takes if for the foundation to
decide to spend real money.  I presume
they have considered that, but it might
be worth asking the question explicitly
if it has not been explicitly answered
(I really have not been following the
foundations activities).

It might not even cost a lot (as I recall,
there are various on-demand builder
spin-up capabilities in at least some
SCMs so it is free until the commit),
but it is all work someone would have
to research.

I would not be at all surprised if the
commercial companies providing support
have not already moved in the direction
of cloud based virtual builders (makes
little sense to own a $10K server for
occasional builds), but that is for their
own customers.

If you mean architecture emulation, it can
be very slow (although might be acceptable),
but the bigger problem may be licensing of
the OS and the compilers.  Last I knew
AIX (where this started) is licensed software,
and so is XLC (if using the IBM compiler
is required for kernel modules).
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Fw: it would be nice to have an administrators guide

[Ted Creedon]

Ben,

Thank you.

So far by using the eclipse IDE , I've added afslog=true to [appdefaults]

I'll implement your directions after a quick nap

-afslog doesn't cooperate, I'll figure that out today.

ted

From: Benjamin Kaduk <ka...@mit.edu>
Sent: Sunday, December 25, 2016 2:10:13 PM
To: Ted Creedon
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] Fw: it would be nice  to have an administrators guide

On Fri, Dec 23, 2016 at 02:00:20AM +0000, Ted Creedon wrote:
>
>
> it would be nice to have an administrators guide on how to set up the keys 
> for openafs 1.8 + heimdal 7.1
>
> the intermixture of ad, heimdal & mit is confusing to say the least.
>
> could you provide one?

The main difference between the key setup for 1.6 and the key setup for 1.8
is that 1.6 uses a kerberos keytab named rxkad.keytab to store the 
server-private
keys (a regression introduced as part of the fix for OPENAFS-SA-2013-003 [0]),
whereas for 1.8 the keys an OpenAFS-specific file KeyFileExt is used.
Buried in the 1.8.0 release notes is an item that the 'akeyconvert' utility
reads rxkad.keytab and writes out the corresponding bits to KeyFileExt.
So, the short answer to your question would be to start with the quick start
guide for Unix (http://docs.openafs.org/QuickStartUnix/index.html) for the
cell setup instructions, including creating rxkad.keytab in the
"Starting the BOS Server" section, and then running 'akeyconvert' after
creating rxkad.keytab.

I do not run any heimdal-based realms or cells, so I cannot really provide
heimdal-specific instructions, but the main point of integration between
kerberos and OpenAFS is that there should be a kerberos principal
afs/@REALM in the kerberos realm to be used for the cell.  Kerberos
keys with strong (i.e., AES) encryption types should be used for that
principal, and a keytab created for it with name rxkad.keytab in the
OpenAFS server configuration directory (i.e., /etc/openafs/server on Debian).
After creating the rxkad.keytab, run 'akeyconvert' on that system, and copy
the resulting KeyFileExt to any additional AFS server machines in the cell.
Users of the cell need to have user principals in order to be able to use
aklog (or klog.krb5 is that is desired), and the PTS entries with the
corresponding names need to exist in the protection database in order
for those AFS users to be able to have filesystem permissions granted to them.

Please reply back if there are parts that need further clarification.

-Ben


[0] This is a regression because it forces most AFS binaries to be linked
against libkrb5, whereas traditionally one could operate AFS independently
of kerberos except for aklog (if desired) and asetkey.
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] Fw: it would be nice to have an administrators guide

[Ted Creedon]

it would be nice to have an administrators guide on how to set up the keys for 
openafs 1.8 + heimdal 7.1

the intermixture of ad, heimdal & mit is confusing to say the least.

could you provide one?

tedc
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: aklog carps Couldn't determine realm of user

[Ted Creedon]

some progress anyway, I get tokens but no /afs
export KRB5CCNAME=FILE:/run/user/0/krb5cc/primary

afsd  -stat 4000 -dcache 4000 -daemons 6 -volumes 256 -files 5
afsd: Error calling AFSOP_CACHEFILE for '/usr/vice/cache/D0/V2000'

kinit admin
ad...@creedon.biz's Password: 
 aklog
 tokens

Tokens held by the Cache Manager:

User's (AFS ID 501) tokens for a...@creedon.biz [Expires Jun 23 09:02]
   --End of list--
BUT /afs doesn't get mounted to /vicepa
ookpik:/usr/src/linux-4.1.31-30 # ls /afs
ookpik:/usr/src/linux-4.1.31-30 # mount |g afs
ookpik:/usr/src/linux-4.1.31-30 # fs mkmount /afs/.$C root.cell -rw
fs: mount points must be created within the AFS file system




From: Benjamin Kaduk <ka...@mit.edu>
Sent: Thursday, December 22, 2016 3:58:31 PM
To: Ted Creedon
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] Re: aklog carps  Couldn't determine realm of user

On Thu, Dec 22, 2016 at 11:42:41PM +0000, Ted Creedon wrote:
> different outcome w/ 7.1.0 but no tokens from eiher afslog or aklog (still 
> carps about
> /run/user/0/krb5cc/tkt", O_RDONLY) = -1 ENOENT)

Ah, this is a "fancy" default coming into play, no doubt.  /run/user may
be isolated for various users with filesystem namespaces to prevent
cross-user attacks (though I guess that may not be coming into play here).
I also recall issues where the /run/user//krb5cc/ directory was
not created automatically, so check that it exists.


> ookpik:/data1/openafs-1.8.0pre1 # kinit -afslog admin
> ad...@creedon.biz's Password:
> ookpik:/data1/openafs-1.8.0pre1 # klist -AT
> Credentials cache: FILE:/tmp/krb5cc_0
> Principal: ad...@creedon.biz
>
>   IssuedExpires   Principal
> Dec 22 15:33:01 2016  Jun 23 07:32:57 2017  krbtgt/creedon@creedon.biz
> Dec 22 15:33:01 2016  Jun 23 07:32:57 2017  afs/creedon@creedon.biz

Okay, now the kerberos part is succeeding, so any issue here is on the AFS side.

>
>
> Dec 22 15:33:01 201  Jun 23 07:32:57 201  Tokens for creedon.biz
>
>
> ##
> aklog
> aklog: Couldn't determine realm of user:aklog: unknown RPC error 
> (-1765328189)  while getting realm

This seems to suggest that aklog -noprdb might succeed.

> #
> open("/run/user/0/krb5cc/tkt", O_RDONLY) = -1 ENOENT (No such file or 
> directory)

There are two ticket caches in play here, which can be confusing to both humans
(i.e., me) and software.  Is KRB5CCNAME modified between any of the pasted 
output
you have given here?  Did you consciously try to set either 
/run/user/0/krb5cc/tkt
or FILE:/tmp/krb5cc_0?

Is aklog linked against a heimdal or MIT libkrb5?
Please provide any /etc/krb5.conf declarations relating to names of credentials
caches.


I don't think it's particularly helpful to be randomly trying different versions
of the software; I would rather get good solid debugging output from a specific
setup and understand what is failing, so that software changes can be targetted
instead of "shotgun style".

-Ben
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: aklog carps Couldn't determine realm of user

[Ted Creedon]

FILE:/tmp/krb5cc_0 not = /run/user/0/krb5cc/tkt  not= to krb5cc/primary


i.e.
klist -A
says
Credentials cache: FILE:/tmp/krb5cc_0
Principal: ad...@creedon.biz
and
aklog carps about missing /run/user/0/krb5cc/tkt
but
its krb5cc/primary that exists

tree /run/user/0/
/run/user/0/
|-- KSMserver__0
|-- dconf
|   `-- user
|-- gvfs
|-- kdeinit5__0
|-- klauncherTJ3534.1.slave-socket
|-- krb5cc
|   `-- primary
|-- pulse
`-- systemd
|-- notify
`-- private

5 directories, 7 files


From: Benjamin Kaduk <ka...@mit.edu>
Sent: Thursday, December 22, 2016 3:58:31 PM
To: Ted Creedon
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] Re: aklog carps  Couldn't determine realm of user

On Thu, Dec 22, 2016 at 11:42:41PM +0000, Ted Creedon wrote:
> different outcome w/ 7.1.0 but no tokens from eiher afslog or aklog (still 
> carps about
> /run/user/0/krb5cc/tkt", O_RDONLY) = -1 ENOENT)

Ah, this is a "fancy" default coming into play, no doubt.  /run/user may
be isolated for various users with filesystem namespaces to prevent
cross-user attacks (though I guess that may not be coming into play here).
I also recall issues where the /run/user//krb5cc/ directory was
not created automatically, so check that it exists.


> ookpik:/data1/openafs-1.8.0pre1 # kinit -afslog admin
> ad...@creedon.biz's Password:
> ookpik:/data1/openafs-1.8.0pre1 # klist -AT
> Credentials cache: FILE:/tmp/krb5cc_0
> Principal: ad...@creedon.biz
>
>   IssuedExpires   Principal
> Dec 22 15:33:01 2016  Jun 23 07:32:57 2017  krbtgt/creedon@creedon.biz
> Dec 22 15:33:01 2016  Jun 23 07:32:57 2017  afs/creedon@creedon.biz

Okay, now the kerberos part is succeeding, so any issue here is on the AFS side.

>
>
> Dec 22 15:33:01 201  Jun 23 07:32:57 201  Tokens for creedon.biz
>
>
> ##
> aklog
> aklog: Couldn't determine realm of user:aklog: unknown RPC error 
> (-1765328189)  while getting realm

This seems to suggest that aklog -noprdb might succeed.

> #
> open("/run/user/0/krb5cc/tkt", O_RDONLY) = -1 ENOENT (No such file or 
> directory)

There are two ticket caches in play here, which can be confusing to both humans
(i.e., me) and software.  Is KRB5CCNAME modified between any of the pasted 
output
you have given here?  Did you consciously try to set either 
/run/user/0/krb5cc/tkt
or FILE:/tmp/krb5cc_0?

Is aklog linked against a heimdal or MIT libkrb5?
Please provide any /etc/krb5.conf declarations relating to names of credentials
caches.


I don't think it's particularly helpful to be randomly trying different versions
of the software; I would rather get good solid debugging output from a specific
setup and understand what is failing, so that software changes can be targetted
instead of "shotgun style".

-Ben
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: aklog carps Couldn't determine realm of user

[Ted Creedon]

different outcome w/ 7.1.0 but no tokens from eiher afslog or aklog (still 
carps about 
/run/user/0/krb5cc/tkt", O_RDONLY) = -1 ENOENT)

ookpik:/data1/openafs-1.8.0pre1 # kinit -afslog admin
ad...@creedon.biz's Password:
ookpik:/data1/openafs-1.8.0pre1 # klist -AT
Credentials cache: FILE:/tmp/krb5cc_0
Principal: ad...@creedon.biz

  IssuedExpires   Principal
Dec 22 15:33:01 2016  Jun 23 07:32:57 2017  krbtgt/creedon@creedon.biz
Dec 22 15:33:01 2016  Jun 23 07:32:57 2017  afs/creedon@creedon.biz



Dec 22 15:33:01 201  Jun 23 07:32:57 201  Tokens for creedon.biz


##
aklog
aklog: Couldn't determine realm of user:aklog: unknown RPC error (-1765328189)  
while getting realm
#
open("/run/user/0/krb5cc/tkt", O_RDONLY) = -1 ENOENT (No such file or directory)


From: Benjamin Kaduk <ka...@mit.edu>
Sent: Thursday, December 22, 2016 12:31:50 PM
To: Ted Creedon
Cc: Michael Meffie; openafs-info@openafs.org
Subject: Re: [OpenAFS] Re: aklog carps  Couldn't determine realm of user

On Thu, Dec 22, 2016 at 07:50:02PM +, Ted Creedon wrote:
> Yes it should but it doesn't. See the conundrum in kadmin->get krbgtkt ?
> I.e how can Principal: krbtgt/creedon@creedon.biz have a ticket if it was 
> never loggged in?

It doesn't have a ticket; ad...@creedon.biz has a ticket.
The ticket that ad...@creedon.biz has is a ticket-granting ticket, i.e., the 
service
principal it is for is krbtgt/creedon@creedon.biz.

-Ben
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: aklog carps Couldn't determine realm of user

[Ted Creedon]

Yes it should but it doesn't. See the conundrum in kadmin->get krbgtkt ?
I.e how can Principal: krbtgt/creedon@creedon.biz have a ticket if it was 
never loggged in?

I'll try 7.1
tedc

see below:
kadmin> get krb*
Principal: krbtgt/creedon@creedon.biz
Principal expires: never
 Password expires: never
 Last password change: 2016-12-17 01:03:08 UTC
  Max ticket life: unlimited
   Max renewable life: unlimited
 Kvno: 1
Mkvno: unknown
Last successful login: never
Last failed login: never
   Failed login count: 0
Last modified: 2016-12-17 01:03:08 UTC
 Modifier: kadmin/ad...@creedon.biz
   Attributes:
 Keytypes: aes256-cts-hmac-sha1-96(pw-salt)[1], 
des3-cbc-sha1(pw-salt)[1], arcfour-hmac-md5(pw-salt)[1]
  PK-INIT ACL:
  Aliases:

Principal: krbtgt/creedon@creedon.biz
Principal expires: never
 Password expires: never
 Last password change: 2016-12-20 00:29:08 UTC
  Max ticket life: unlimited
   Max renewable life: unlimited
 Kvno: 1
Mkvno: unknown
Last successful login: never
Last failed login: never
   Failed login count: 0
Last modified: 2016-12-20 00:29:08 UTC
 Modifier: kadmin/ad...@creedon.biz
   Attributes:
 Keytypes: aes256-cts-hmac-sha1-96(pw-salt)[1], 
des3-cbc-sha1(pw-salt)[1], arcfour-hmac-md5(pw-salt)[1]
  PK-INIT ACL:
  Aliases:



From: Benjamin Kaduk <ka...@mit.edu>
Sent: Thursday, December 22, 2016 10:35:56 AM
To: Ted Creedon
Cc: Michael Meffie; openafs-info@openafs.org
Subject: Re: [OpenAFS] Re: aklog carps  Couldn't determine realm of user

On Thu, Dec 22, 2016 at 06:07:08AM +, Ted Creedon wrote:
> Heimdal set the ticket up..(I think)
> So how does one login krbtgt?
> PS making progress on the glibc/swig bug
> Suse Leap uses glibc 2.22 the current is 2.24, offhand I suspect  something 
> like a missing .align 64
> tedc
>
> ad...@creedon.biz's Password:
> ookpik:/data1/openafs-1.8.0pre1 # klist
> Credentials cache: FILE:/tmp/krb5cc_0
> Principal: ad...@creedon.biz
>
>   IssuedExpiresPrincipal
> Dec 21 21:52:59 2016  >>>Expired<<<  krbtgt/creedon@creedon.biz

This is the important part; the local TGT in the cache has expired and cannot
be used to get a new service ticket for AFS.  Running 'kinit' should prompt
for admin's password and get things into a workable state where aklog has
a chance at succeeding.

-Ben
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: aklog carps Couldn't determine realm of user

[Ted Creedon]

Heimdal set the ticket up..(I think)
So how does one login krbtgt?
PS making progress on the glibc/swig bug
Suse Leap uses glibc 2.22 the current is 2.24, offhand I suspect  something 
like a missing .align 64
tedc

ad...@creedon.biz's Password:
ookpik:/data1/openafs-1.8.0pre1 # klist
Credentials cache: FILE:/tmp/krb5cc_0
Principal: ad...@creedon.biz

  IssuedExpiresPrincipal
Dec 21 21:52:59 2016  >>>Expired<<<  krbtgt/creedon@creedon.biz


kadmin> get krbtgt*
Principal: krbtgt/creedon@creedon.biz
Principal expires: never
 Password expires: never
 Last password change: 2016-12-17 01:03:08 UTC
  Max ticket life: unlimited
   Max renewable life: unlimited
 Kvno: 1
Mkvno: unknown
Last successful login: never
Last failed login: never
   Failed login count: 0
Last modified: 2016-12-17 01:03:08 UTC
 Modifier: kadmin/ad...@creedon.biz
   Attributes:
 Keytypes: aes256-cts-hmac-sha1-96(pw-salt)[1], 
des3-cbc-sha1(pw-salt)[1], arcfour-hmac-md5(pw-salt)[1]
  PK-INIT ACL:
  Aliases:

Principal: krbtgt/creedon@creedon.biz
Principal expires: never
 Password expires: never
 Last password change: 2016-12-20 00:29:08 UTC
  Max ticket life: unlimited
   Max renewable life: unlimited
 Kvno: 1
Mkvno: unknown
Last successful login: never
Last failed login: never
   Failed login count: 0
Last modified: 2016-12-20 00:29:08 UTC
 Modifier: kadmin/ad...@creedon.biz
   Attributes:
 Keytypes: aes256-cts-hmac-sha1-96(pw-salt)[1], 
des3-cbc-sha1(pw-salt)[1], arcfour-hmac-md5(pw-salt)[1]
  PK-INIT ACL:
  Aliases:



From: Michael Meffie <mmef...@sinenomine.net>
Sent: Wednesday, December 21, 2016 6:15:58 AM
To: Ted Creedon
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] Re: aklog carps  Couldn't determine realm of user

On Wed, 21 Dec 2016 02:21:13 +
Ted Creedon <tcree...@easystreet.net> wrote:

> if
> KRB5CCNAME="FILE:/tmp/krb5cc_0"
> is set
>
> one gets:
>
> aklog -d
> Authenticating to cell creedon.biz (server ookpik.creedon.biz).
> Trying to authenticate to user's realm CREEDON.BIZ.
> Getting tickets: afs/creedon@creedon.biz
> Kerberos error code returned by get_cred : -1765328352
> aklog: Couldn't get creedon.biz AFS tickets:
> aklog: Ticket expired while getting AFS tickets

Thanks for testing 1.8.0pre1 Ted.  That error code indicates
the ticket has expired,

krb5 error -1765328352 = KRB5KRB_AP_ERR_TKT_EXPIRED

What does klist show?

Thanks,
Mike



___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] Re: aklog carps Couldn't determine realm of user

[Ted Creedon]

if
KRB5CCNAME="FILE:/tmp/krb5cc_0"
is set

one gets:

aklog -d
Authenticating to cell creedon.biz (server ookpik.creedon.biz).
Trying to authenticate to user's realm CREEDON.BIZ.
Getting tickets: afs/creedon@creedon.biz
Kerberos error code returned by get_cred : -1765328352
aklog: Couldn't get creedon.biz AFS tickets:
aklog: Ticket expired while getting AFS tickets


tedc

From: openafs-info-ad...@openafs.org <openafs-info-ad...@openafs.org> on behalf 
of Ted Creedon <tcree...@easystreet.net>
Sent: Tuesday, December 20, 2016 4:28:33 PM
To: openafs-info@openafs.org
Subject: [OpenAFS] aklog carps  Couldn't determine realm of user

This sender failed our fraud detection checks and may not be who they appear to 
be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing

v 1.80pre1

open("/run/user/0/krb5cc/tkt", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, "aklog: Couldn't determine realm of user:", 40) = 40

I'm stuck!

tedc
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] aklog carps Couldn't determine realm of user

[Ted Creedon]

v 1.80pre1

open("/run/user/0/krb5cc/tkt", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, "aklog: Couldn't determine realm of user:", 40) = 40

I'm stuck!

tedc
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Compile failure

[Ted Creedon]

compile fails again using the latest heimdal-master
export|g -i krb
declare -x KRB5_CONFIG="/usr/heimdal/bin/krb5-config --libs --deps"
declare -x PATH_KRB5_CONFIG="/usr/heimdal/bin/krb5-config --libs --deps"
ookpik:/data1/openafs-1.6.18.2 #


configure:27910: checking for krb5-config
configure:27941: result: /usr/heimdal/bin/krb5-config --libs --deps
configure:29042: checking for library containing res_search
configure:29073: gcc -o conftest  -I/usr/heimdal/include  -L/usr/heimdal/lib  
conftest.c  >&5
/tmp/cc8MEyGl.o: In function `main':
conftest.c:(.text+0xa): undefined reference to `res_search'
collect2: error: ld returned 1 exit status
configure:29073: $? = 1
configure: failed program was:
| /* confdefs.h */
| #define PACKAGE_NAME "OpenAFS"
| #define PACKAGE_TARNAME "openafs"
| #define PACKAGE_VERSION "1.6.18.2"
| #define PACKAGE_STRING "OpenAFS 1.6.18.2"
| #define PACKAGE_BUGREPORT ""
| #define PACKAGE_URL ""
| #define PACKAGE "openafs"
| #define VERSION "1.6.18.2"
| #define STDC_HEADERS 1

____________
From: openafs-info-ad...@openafs.org <openafs-info-ad...@openafs.org> on behalf 
of Ted Creedon <tcree...@easystreet.net>
Sent: Thursday, August 11, 2016 9:42:10 AM
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] Compile failure

Thanks

whats the -ldl for in krb5-config?

________
From: Chaskiel Grundman <c...@andrew.cmu.edu>
Sent: Wednesday, August 10, 2016 8:08:01 AM
To: Benjamin Kaduk
Cc: Ted Creedon; openafs-info@openafs.org
Subject: Re: [OpenAFS] Compile failure

I rejected ted's reply because 2MB of logs seemed excessive. Here's a
relevant bit of the log:

configure:25263: gcc -c   conftest.c >&5
configure:25263: $? = 0
configure:25264: result: yes
configure:25301: checking size of long
configure:25320: result: 8
configure:25627: checking for krb5-config
configure:25658: result: /usr/heimdal/bin/krb5-config
configure:25668: checking for krb5 support in krb5-config
configure:25679: result: yes
configure:25695: checking for krb5_init_context
configure:25695: gcc -o conftest  -I/usr/heimdal/includeconftest.c
-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/heimdal/lib64
-L/usr/heimdal/lib64 -lkrb5  >&5
configure:25695: $? = 0
configure:25695: result: yes
configure:26638: checking for krb5_get_error_message
configure:26638: gcc -o conftest  -I/usr/heimdal/includeconftest.c
-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/heimdal/lib64
-L/usr/heimdal/lib64 -lkrb5  >&5
configure:26638: $? = 0
configure:26638: result: yes
configure:26645: checking for krb5_free_error_message
configure:26645: gcc -o conftest  -I/usr/heimdal/includeconftest.c
-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/heimdal/lib64
-L/usr/heimdal/lib64 -lkrb5  >&5
configure:26645: $? = 0
configure:26645: result: yes

It suggests that krb5-config was used, but it only put -lkrb5 in
libs.
That's consistent with what I see on ubuntu trusty:

% krb5-config.heimdal --version
heimdal 1.6.99
% krb5-config.heimdal --libs
-L/usr/lib/x86_64-linux-gnu/heimdal -lkrb5

It apears to get the full set of libraries, you need to add --deps:

% krb5-config.heimdal --libs --deps
-L/usr/lib/x86_64-linux-gnu/heimdal -lkrb5 -lhx509 -lcom_err -lhcrypto
-lasn1 -lwind -lheimbase -lroken -lcrypt -pthread -lpthread -ldl -lresolv
-pthread -lpthread

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] Re:

[Ted Creedon]

-ldl is an output... not an argument

Apparently configure needs to be modded via KRB5_CONFIG= "krb5-config --deps 
--libs" then rerun configure?
____
From: Ted Creedon
Sent: Thursday, August 11, 2016 9:42:10 AM
Cc: openafs-info@openafs.org
Subject: Re: [OpenAFS] Compile failure

Thanks

whats the -ldl for in krb5-config?


From: Chaskiel Grundman <c...@andrew.cmu.edu>
Sent: Wednesday, August 10, 2016 8:08:01 AM
To: Benjamin Kaduk
Cc: Ted Creedon; openafs-info@openafs.org
Subject: Re: [OpenAFS] Compile failure

I rejected ted's reply because 2MB of logs seemed excessive. Here's a
relevant bit of the log:

configure:25263: gcc -c   conftest.c >&5
configure:25263: $? = 0
configure:25264: result: yes
configure:25301: checking size of long
configure:25320: result: 8
configure:25627: checking for krb5-config
configure:25658: result: /usr/heimdal/bin/krb5-config
configure:25668: checking for krb5 support in krb5-config
configure:25679: result: yes
configure:25695: checking for krb5_init_context
configure:25695: gcc -o conftest  -I/usr/heimdal/includeconftest.c
-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/heimdal/lib64
-L/usr/heimdal/lib64 -lkrb5  >&5
configure:25695: $? = 0
configure:25695: result: yes
configure:26638: checking for krb5_get_error_message
configure:26638: gcc -o conftest  -I/usr/heimdal/includeconftest.c
-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/heimdal/lib64
-L/usr/heimdal/lib64 -lkrb5  >&5
configure:26638: $? = 0
configure:26638: result: yes
configure:26645: checking for krb5_free_error_message
configure:26645: gcc -o conftest  -I/usr/heimdal/includeconftest.c
-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/heimdal/lib64
-L/usr/heimdal/lib64 -lkrb5  >&5
configure:26645: $? = 0
configure:26645: result: yes

It suggests that krb5-config was used, but it only put -lkrb5 in
libs.
That's consistent with what I see on ubuntu trusty:

% krb5-config.heimdal --version
heimdal 1.6.99
% krb5-config.heimdal --libs
-L/usr/lib/x86_64-linux-gnu/heimdal -lkrb5

It apears to get the full set of libraries, you need to add --deps:

% krb5-config.heimdal --libs --deps
-L/usr/lib/x86_64-linux-gnu/heimdal -lkrb5 -lhx509 -lcom_err -lhcrypto
-lasn1 -lwind -lheimbase -lroken -lcrypt -pthread -lpthread -ldl -lresolv
-pthread -lpthread

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Compile failure

[Ted Creedon]

Thanks

whats the -ldl for in krb5-config?


From: Chaskiel Grundman <c...@andrew.cmu.edu>
Sent: Wednesday, August 10, 2016 8:08:01 AM
To: Benjamin Kaduk
Cc: Ted Creedon; openafs-info@openafs.org
Subject: Re: [OpenAFS] Compile failure

I rejected ted's reply because 2MB of logs seemed excessive. Here's a
relevant bit of the log:

configure:25263: gcc -c   conftest.c >&5
configure:25263: $? = 0
configure:25264: result: yes
configure:25301: checking size of long
configure:25320: result: 8
configure:25627: checking for krb5-config
configure:25658: result: /usr/heimdal/bin/krb5-config
configure:25668: checking for krb5 support in krb5-config
configure:25679: result: yes
configure:25695: checking for krb5_init_context
configure:25695: gcc -o conftest  -I/usr/heimdal/includeconftest.c
-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/heimdal/lib64
-L/usr/heimdal/lib64 -lkrb5  >&5
configure:25695: $? = 0
configure:25695: result: yes
configure:26638: checking for krb5_get_error_message
configure:26638: gcc -o conftest  -I/usr/heimdal/includeconftest.c
-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/heimdal/lib64
-L/usr/heimdal/lib64 -lkrb5  >&5
configure:26638: $? = 0
configure:26638: result: yes
configure:26645: checking for krb5_free_error_message
configure:26645: gcc -o conftest  -I/usr/heimdal/includeconftest.c
-Wl,--enable-new-dtags -Wl,-rpath -Wl,/usr/heimdal/lib64
-L/usr/heimdal/lib64 -lkrb5  >&5
configure:26645: $? = 0
configure:26645: result: yes

It suggests that krb5-config was used, but it only put -lkrb5 in
libs.
That's consistent with what I see on ubuntu trusty:

% krb5-config.heimdal --version
heimdal 1.6.99
% krb5-config.heimdal --libs
-L/usr/lib/x86_64-linux-gnu/heimdal -lkrb5

It apears to get the full set of libraries, you need to add --deps:

% krb5-config.heimdal --libs --deps
-L/usr/lib/x86_64-linux-gnu/heimdal -lkrb5 -lhx509 -lcom_err -lhcrypto
-lasn1 -lwind -lheimbase -lroken -lcrypt -pthread -lpthread -ldl -lresolv
-pthread -lpthread

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] Compile failure

[Ted Creedon]

openafs-1.6.18.2
linux 4.1.27-27 
heimdal-master

--with-krb5=/usr/heimdal
gcc  -O -I/data1/openafs-1.6.18.2/src/config -I/data1/openafs-1.6.18.2/include 
-I. -I.  -D_LARGEFILE64_SOURCE   -o ptserver ptserver.o ptutils.o ptprocs.o 
ptint.ss.o ptint.xdr.o utils.o map.o /data1/openafs-1.6.18.2/lib/libubik.a 
/data1/openafs-1.6.18.2/lib/libauth.a /data1/openafs-1.6.18.2/lib/librxkad.a 
/data1/openafs-1.6.18.2/lib/librxstat.a /data1/openafs-1.6.18.2/lib/librx.a 
/data1/openafs-1.6.18.2/lib/liblwp.a /data1/openafs-1.6.18.2/lib/libdes.a 
/data1/openafs-1.6.18.2/lib/libcmd.a 
/data1/openafs-1.6.18.2/lib/libafscom_err.a 
/data1/openafs-1.6.18.2/lib/libsys.a /data1/openafs-1.6.18.2/lib/libafsutil.a 
-lresolv   /data1/openafs-1.6.18.2/lib/libaudit.a -Wl,--enable-new-dtags 
-Wl,-rpath -Wl,/usr/heimdal/lib64 -L/usr/heimdal/lib64 -lkrb5
/usr/lib64/gcc/x86_64-suse-linux/4.8/../../../../x86_64-suse-linux/bin/ld: 
/data1/openafs-1.6.18.2/lib/libauth.a(akimpersonate.o): undefined reference to 
symbol 'encode_EncTicketPart@@HEIMDAL_ASN1_1.0'
/usr/heimdal/lib64/libasn1.so.8: error adding symbols: DSO missing from command 
line
collect2: error: ld returned 1 exit status
Makefile:99: recipe for target 'ptserver' failed
make[3]: *** [ptserver] Error 1
make[3]: Leaving directory '/data1/openafs-1.6.18.2/src/ptserver'
Makefile:235: recipe for target 'ptserver' failed
make[2]: *** [ptserver] Error 2
make[2]: Leaving directory '/data1/openafs-1.6.18.2'
Makefile:692: recipe for target 'build' failed
make[1]: *** [build] Error 2
make[1]: Leaving directory '/data1/openafs-1.6.18.2'
Makefile:36: recipe for target 'all' failed
make: *** [all] Error 2

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] hard drive relaibility

[Ted Creedon]

During a drive upgrade a brand new WD29EFRX 2TB drive  containing my RW volumes 
crashed.

After talking to drive recovery firms I've learned that the new reliability 
philosophy is cheap drives & rely on the users RAID for recovery,

Fortunately I have 4 RO backups,

One repair firm said they see new drives with incredible amounts of dirt inside.

Here is a drive reliability report.

http://www.extremetech.com/computing/228497-backblaze-releases-billion-hour-hard-drive-reliability-report

Looks like solid state drives + thumb drives for off site storage is the way ti 
go.

tedc

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] Compiling w/ heimdal

[Ted Creedon]

Any clues?
linux v 4.1.15-8
afs v 1.6.17
heimdal 1.6.99 (master)
carps
 

gcc  -O -I/data/openafs-1.6.17/src/config -I/data/openafs-1.6.17/include -I. 
-I.  -D_LARGEFILE64_SOURCE   -o ptserver ptserver.o ptutils.o ptprocs.o 
ptint.ss.o ptint.xdr.o utils.o map.o /data/openafs-1.6.17/lib/libubik.a 
/data/openafs-1.6.17/lib/libauth.a /data/openafs-1.6.17/lib/librxkad.a 
/data/openafs-1.6.17/lib/librxstat.a /data/openafs-1.6.17/lib/librx.a 
/data/openafs-1.6.17/lib/liblwp.a /data/openafs-1.6.17/lib/libdes.a 
/data/openafs-1.6.17/lib/libcmd.a /data/openafs-1.6.17/lib/libafscom_err.a 
/data/openafs-1.6.17/lib/libsys.a /data/openafs-1.6.17/lib/libafsutil.a 
-lresolv   /data/openafs-1.6.17/lib/libaudit.a -Wl,--enable-new-dtags 
-Wl,-rpath -Wl,/usr/heimdal/lib64 -L/usr/heimdal/lib64 -lkrb5
/usr/lib64/gcc/x86_64-suse-linux/4.8/../../../../x86_64-suse-linux/bin/ld: 
/data/openafs-1.6.17/lib/libauth.a(akimpersonate.o): undefined reference to 
symbol 'encode_EncTicketPart@@HEIMDAL_ASN1_1.0'
/usr/heimdal/lib64/libasn1.so.8: error adding symbols: DSO missing from command 
line
collect2: error: ld returned 1 exit status
Makefile:99: recipe for target 'ptserver' failed
make[3]: *** [ptserver] Error 1
make[3]: Leaving directory '/data/openafs-1.6.17/src/ptserver'
Makefile:235: recipe for target 'ptserver' failed
make[2]: *** [ptserver] Error 2
make[2]: Leaving directory '/data/openafs-1.6.17'
Makefile:692: recipe for target 'build' failed
make[1]: *** [build] Error 2
make[1]: Leaving directory '/data/openafs-1.6.17'
Makefile:36: recipe for target 'all' failed
make: *** [all] Error 2




___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] compile fails kernel version 4.4.0-1-default

[Ted Creedon]

I would have too think that after all this time whatever license there is has 
been overtaken by events.


What would IBM do - sue a penniless entity? IBM is not being damaged, in fact 
its users running IBM PCs and other hardware have benefited from the free 
support.


I look at any agreement as a "bait and switch" that enabled IBM to relieve 
itself from the cost of supporting a defective product.


In fact IBM licensed a "Pig in a poke".


Take the ball and run with it.


Tedc


From: Edgecombe, Jason <jwedg...@uncc.edu>
Sent: Wednesday, March 2, 2016 10:25 AM
To: Brandon Allbery
Cc: Ted Creedon; openafs-info@openafs.org
Subject: Re: [OpenAFS] compile fails kernel version 4.4.0-1-default

Can the OpenAFS folks work on kAFS? I was under the impression that they were 
"tainted" by having read the IBM-provided code.

---
Jason Edgecombe | Linux Administrator
UNC Charlotte | The William States Lee College of Engineering
9201 University City Blvd. | Charlotte, NC 28223-0001
Phone: 704-687-1943
jwedg...@uncc.edu<mailto:jwedg...@uncc.edu> | http://engr.uncc.edu |  Facebook
---
If you are not the intended recipient of this transmission or a person 
responsible for delivering it to the intended recipient, any disclosure, 
copying, distribution, or other use of any of the information in this 
transmission is strictly prohibited. If you have received this transmission in 
error, please notify me immediately by reply e-mail or by telephone at
704-687-1943.  Thank you.

On Wed, Mar 2, 2016 at 10:21 AM, Brandon Allbery 
<ballb...@sinenomine.net<mailto:ballb...@sinenomine.net>> wrote:
Not until someone adds pioctl support to it.

-Original Message-
From: openafs-info-ad...@openafs.org<mailto:openafs-info-ad...@openafs.org> 
[mailto:openafs-info-ad...@openafs.org<mailto:openafs-info-ad...@openafs.org>] 
On Behalf Of Ted Creedon
Sent: Wednesday, March 2, 2016 10:13 AM
Cc: openafs-info@openafs.org<mailto:openafs-info@openafs.org>
Subject: Re: [OpenAFS] compile fails kernel version 4.4.0-1-default

Would it be appropriate to force a move to kafs now?


From: openafs-info-ad...@openafs.org<mailto:openafs-info-ad...@openafs.org> 
<openafs-info-ad...@openafs.org<mailto:openafs-info-ad...@openafs.org>> on 
behalf of Benjamin Kaduk <ka...@mit.edu<mailto:ka...@mit.edu>>
Sent: Tuesday, March 1, 2016 7:31 PM
To: Michael Laß
Cc: OpenAFS-info@openafs.org<mailto:OpenAFS-info@openafs.org>
Subject: Re: [OpenAFS] compile fails kernel version 4.4.0-1-default

On Tue, 1 Mar 2016, Michael Laß wrote:

> Hi!
>
> Am 23.01.2016 um 18:22 schrieb Benjamin Kaduk 
> <ka...@mit.edu<mailto:ka...@mit.edu>>:
> >
> > Though the patches linked there are sufficient to permit the build
> > to complete, there are some more subtle behavior changes in the
> > kernel in that some of the splice functions will now return
> > ERESTARTSYS if there is any signal pending in the current process.
> > In particular, there are presumed to be codepaths for which we do
> > not have proper error handling, that could lead to data loss.
> > Further analysis is needed (which I am not prepared to undertake at 
> > present).
>
> It seems like you were spot on with this. Some Arch Linux users have been 
> brave enough to test OpenAFS with these patches on Linux 4.4. One reported a 
> data corruption issue now. Quote from 
> https://aur.archlinux.org/packages/openafs/:
>
> > I tried the patch and I get problems. When I do checkout a different branch 
> > of my software from a git repository things fail and I'm left with a 
> > corrupted workspace. The log files shows the following message:
> > kernel: afs: Lost contact with file server ... in cell ... (code
> > -512) (all multi-homed ip addresses down for the server)
> > kernel: afs: failed to store file (network problems)
> > kernel: afs: file server ... in cell ... is back up (code 0)
> > (multi-homed address; other same-host interfaces may still be down)
>
>
> Guess what error core -512 is… Yep, it’s -ERESTARTSYS.
>
> So there is definitely some additional work required for Linux 4.4.

Hi Michael,

Thank you for reporting this back to the list.  To the list members:

I would like to point out that no openafs developer has stated that they are 
working on this issue, and it appears that a proper fix will require 
modifications through many different parts of the cache manager; that is, it 
will be an invasive change that requires substantial development effort.  There 
is a real risk that OpenAFS will not be able to support kernels from the

Re: [OpenAFS] compile fails kernel version 4.4.0-1-default

[Ted Creedon]

Would it be appropriate to force a move to kafs now?


From: openafs-info-ad...@openafs.org  on behalf 
of Benjamin Kaduk 
Sent: Tuesday, March 1, 2016 7:31 PM
To: Michael Laß
Cc: OpenAFS-info@openafs.org
Subject: Re: [OpenAFS] compile fails kernel version 4.4.0-1-default

On Tue, 1 Mar 2016, Michael Laß wrote:

> Hi!
>
> Am 23.01.2016 um 18:22 schrieb Benjamin Kaduk :
> >
> > Though the patches linked there are sufficient to permit the build to
> > complete, there are some more subtle behavior changes in the kernel in
> > that some of the splice functions will now return ERESTARTSYS if there is
> > any signal pending in the current process.  In particular, there are
> > presumed to be codepaths for which we do not have proper error handling,
> > that could lead to data loss.  Further analysis is needed (which I am not
> > prepared to undertake at present).
>
> It seems like you were spot on with this. Some Arch Linux users have been 
> brave enough to test OpenAFS with these patches on Linux 4.4. One reported a 
> data corruption issue now. Quote from 
> https://aur.archlinux.org/packages/openafs/:
>
> > I tried the patch and I get problems. When I do checkout a different branch 
> > of my software from a git repository things fail and I'm left with a 
> > corrupted workspace. The log files shows the following message:
> > kernel: afs: Lost contact with file server ... in cell ... (code -512) (all 
> > multi-homed ip addresses down for the server)
> > kernel: afs: failed to store file (network problems)
> > kernel: afs: file server ... in cell ... is back up (code 0) (multi-homed 
> > address; other same-host interfaces may still be down)
>
>
> Guess what error core -512 is… Yep, it’s -ERESTARTSYS.
>
> So there is definitely some additional work required for Linux 4.4.

Hi Michael,

Thank you for reporting this back to the list.  To the list members:

I would like to point out that no openafs developer has stated that they
are working on this issue, and it appears that a proper fix will require
modifications through many different parts of the cache manager; that is,
it will be an invasive change that requires substantial development
effort.  There is a real risk that OpenAFS will not be able to support
kernels from the 4.4 series and newer -- the openafs package is slated for
removal from Debian testing in just three weeks.

If there are sites that will be adversely affected by the lack of a
functioning openafs client for linux kernel 4.4 or newer, it will be
easier if they can contribute resources now, rather than months from now
when these kernels make their way into the linux distributions deployed at
these sites.

-Ben
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Release of MacOS 10 client

[Ted Creedon]

Competition is the life of trade. 


From: openafs-info-ad...@openafs.org  on behalf 
of Jeffrey Altman 
Sent: Wednesday, January 27, 2016 2:09 PM
To: openafs-info@openafs.org
Subject: Re: [OpenAFS] Release of MacOS 10 client

On 1/27/2016 1:23 PM, Garrett Wollman wrote:
>
> Jeffrey,
>
> Those of us who are not AuriStor customers are naturally reluctant to
> depend on AuriStor's continued generosity in making these clients
> freely available.  (And those of us who are SNA customers are
> naturally desirous of a client that is supported under our SNA
> contracts.)
>
> -GAWollman

Garrett,

At the moment fewer than 4% of client downloads from our site are being
used to access cells that fund the development of those clients.  It is
for that exact reason that we stopped distributing clients via the
OpenAFS web site.  Even though all of the effort, expenses and liability
associated with producing the Windows and OSX and iOS clients were borne
by AuriStor, Inc. (formerly known as Your File System, Inc.), the money
that should have paid for the development went into someone else's bank
account.

Developers do not work for free.  If you full time job is developing and
supporting a distributed file system, it is not a hobby and you expect
to get paid.  Otherwise it isn't possible to put a roof over your head
and feed your spouse and kids.

  freeloader
  noun
  a person who takes advantage of others' generosity without giving
  anything in return.

This is the appropriate term describing the vast majority of AFS cell
operators around the globe.   My guess is that fewer than 20% of cell
operators spend any money supporting the development, packaging and
distribution of software supporting their cell.

The AuriStor File System is not free.  There are real costs associated
with developing the clients, the servers, and the admin tooling.  Not to
mention mobile friendly html5 web front-ends, nfs3 front ends, and other
proxy services.  AuriStor clients are not built from the OpenAFS code
base.  They are built from the AuriStor code base and provide seamless
access to IBM AFS 3.6, OpenAFS and AuriStor File System services.

As the saying goes, you get what you pay for.  If you want a file system
that provides wire privacy that isn't using a watered down 1970s
deprecated encryption system, support for the IPv6 that is available
from your home and mobile Internet providers, the ability to host imap
mail or other multi-writer workloads in /afs without melting down the
cell, and the ability to saturate servers with multiple 10gbit NICs,
give us a ring.

Jeffrey Altman

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] compile fails kernel version 4.4.0-1-default

[Ted Creedon]

/data/openafs-1.6.16/src/libafs/MODLOAD-4.4.0-1-default-ted-MP/osi_groups.c:612:29:
 error: ‘union key_payload’ has no member named ‘value’
   keyring_pag = key->payload.value;
 ^
scripts/Makefile.build:259: recipe for target 
'/data/openafs-1.6.16/src/libafs/MODLOAD-4.4.0-1-default-ted-MP/osi_groups.o' 
failed

___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] make fails on linux 4.3.0-1

[Ted Creedon]

1. cherry pick acinclude.m4.zip
2. unzip
3. run regen.sh
4. make install

seems to work so far

thanks

tedc


From: Michael Meffie <mmef...@sinenomine.net>
Sent: Friday, November 13, 2015 10:26 AM
To: Benjamin Kaduk
Cc: Ted Creedon; OpenAFS-info@openafs.org
Subject: Re: [OpenAFS] make fails on linux 4.3.0-1

On Fri, 13 Nov 2015 12:07:52 -0500
Benjamin Kaduk <ka...@mit.edu> wrote:

> On Fri, 13 Nov 2015, Ted Creedon wrote:
>
> > or opensuse tumbleweed
> >
> > make[3]: Entering directory '/data/openafs-1.6.15/src/gtx'
>
> gtx is hardly an essential part of openafs; I would recommend that someone
> backports commit 5d53c12b95c6ffac6c00e4fec6138a51b6185dd7 and you can just
> disable building gtx.

Here's a cherry-pick for 1.6.x,

   http://gerrit.openafs.org/12095

which adds the --disable-gtx option to configure.

Thanks,
Mike

--
Michael Meffie <mmef...@sinenomine.net>
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] make fails on linux 4.3.0-1

[Ted Creedon]

or opensuse tumbleweed

make[3]: Entering directory '/data/openafs-1.6.15/src/gtx'
gcc -fPIC  -O -I/data/openafs-1.6.15/src/config -I/data/openafs-1.6.15/include 
-I. -I.  -D_LARGEFILE64_SOURCE   -c curseswindows.c
curseswindows.c: In function ‘gator_cursesgwin_getdimensions’:
curseswindows.c:779:27: error: dereferencing pointer to incomplete type ‘WINDOW 
{aka struct _win_st}’
 aparms->maxx = cwp->wp->_maxx;
   ^
/data/openafs-1.6.15/src/config/Makefile.config:149: recipe for target 
'curseswindows.o' failed
make[3]: *** [curseswindows.o] Error 1
make[3]: Leaving directory '/data/openafs-1.6.15/src/gtx'
Makefile:348: recipe for target 'gtx' failed
make[2]: *** [gtx] Error 2
make[2]: Leaving directory '/data/openafs-1.6.15'
Makefile:692: recipe for target 'build' failed
make[1]: *** [build] Error 2
make[1]: Leaving directory '/data/openafs-1.6.15'
Makefile:36: recipe for target 'all' failed
make: *** [all] Error 2
oo___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] OpenAFS still in development?

[Ted Creedon]

My daughter's system - a light user- requires weekly rebooting - same
scenario as Brandon's.

FYI When SUN migrated from SUN OS to SV5 R4 1,000 fatal bugs were
discovered  fixed.

The only problem I have with Linux is the constant upgrading  kernel
module recompiling.

What Linux needs is a MS driver compatibility mode.

Tedc

On Mon, Jun 22, 2015 at 7:16 AM, Brandon Allbery ballb...@sinenomine.net
wrote:

 On Mon, 2015-06-22 at 10:12 -0400, Daria Brashear wrote:
 
  On Mon, Jun 22, 2015 at 10:09 AM, Ted Creedon
  tcree...@easystreet.net wrote:
  EG OSX has a memory leak that requires weekly rebooting (per
  apple support)


  Details? Cuz uh, I'm not rebooting weekly and...
 

 I've been rebooting weekly for essentially the entire time I've used OS
 X (back to Tiger on PPC) because of various memory leaks that become
 evident as slowness and failure of some services after about a week of
 operation. I am not sure this is what Ted is getting at, though.

 (Granting that my normal use of pretty much any system is likely to be
 regarded by others as a stress test. :)

 --
 brandon s allbery kf8nh   sine nomine associates
 allber...@gmail.com  ballb...@sinenomine.net
 unix openafs kerberos infrastructure xmonadhttp://sinenomine.net

Re: [OpenAFS] OpenAFS still in development?

[Ted Creedon]

EG OSX has a memory leak that requires weekly rebooting (per apple support)

On Sunday, June 21, 2015, Harald Barth h...@kth.se wrote:


  I do not believe that the OpenAFS mailing lists are an appropriate forum
  to discuss AuriStor.  My response to Michael provided details on
  AuriStor because I felt it was necessary in order to properly answer the
  implied questions.

 What I've learned so far from AuriStor it looks like it could be a
 replacement for OpenAFS on the platforms it's available. And it can
 more as Jeff tells us. If that strategy is good advertising depends
 on cultural background.

  The question of supported platforms is an interesting one because it
  is very unclear what it means for OpenAFS to support a platform.  What
  are the criteria?  Is it sufficient to say that if you can build OpenAFS
  on the OS and hardware architecture that it is supported?

 Sorry, supported was probably a bad choice of word. But I don't know
 if availabe or runable or it builds it ships would be better.

  I am quite sure there are other criteria that could be added to the mix.

 I know that you take supported very seriously. I would be happy if
 other software vendors (which are not into file systems) would do that
 as well.

   * Linux
 . Red Hat Enterprise Linux
   (YFSI is a Red Hat Technology Partner)
 . Fedora
 . Debian
 . Ubuntu
   * Microsoft Windows
   * Apple OSX and iOS
   * Oracle Solaris
   * IBM AIX
   * Android
 
  Servers are supported everywhere but on Windows, iOS and Android but the
  performance varies significantly based upon the OS release, processor
  architecture, and underlying hardware so there are combinations that we
  recommend and those we do not.
 
  The failure to list an OS family or Linux distribution does not imply
  that YFSI will not support AuriStor on that platform.  It only implies
  that there has been insufficient customer interest to this point for
  YFSI to expend the necessary resources on development, testing and
  certification (where applicable.)

 Thanks for the list. I guess on the main HW which is amd64 for most
 of the OSes above. Both at work and privately I run OpenAFS on
 platforms that are not on the list and even in the future will not
 have much customer interest.

  In the end software development has to be a partnership between those
  that build and those that deploy.  If those that deploy do not fund
  those that build there will not be sufficient development hours and
  talent to build the solutions those that deploy require.

 I see that this partnership has stopped working in many places. It
 makes me sad.

  P.S. My apologies for the long reply.

 You don't need to apologise.

 Harald.
 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org javascript:;
 https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] Criteria for platform support

[Ted Creedon]

My observation is that a platform is supported when the software operates
in conformance with the:

Use's manual
Users Reference Manual
System Administrator's Manual
System Administrator's Reference Manual

And interfaces that use published C++ header files that compile  link

Otherwise the 1:10:100 ratio applies. (1 to fix in design, 10 in coding,
100 after release)

The IBM docs hash all this together.

Tedc

Re: [OpenAFS] Windows XP SP3 NIM not working

[Ted Creedon]

MIT krb5 3.2.2
NetIdMgr 1.3.1.0
oafs .1.6.2

don't work together but updating to:

oafs 1.7.3100

seems to work fine

I'll keep you posted as O upgrade other XP SP3 systems


On Wed, Jan 21, 2015 at 6:00 AM, Karel Nykles knyk...@civ.zcu.cz wrote:

 Did you try recomended version for XP, which is 1.6?
 Or combination OpenAFS 1.6, MIT KFW, NIM 2.102?
 For now unsupported XP system, it should be ok.

 Karel

 Dne 4. 1. 2015 v 1:41 Ted Creedon napsal(a):
  The 2.1.02 NetIdMgr carps
 
  failed to load  module openafs, mitkrb5, mitkrb4
 
  heimdal is installed and the kinit, aklog,t okens commands work fine
 
  1.7.3.200  OAFS for win otherwise works fine
 
  tedc
 
 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] Windows XP SP3 NIM not working

[Ted Creedon]

The 2.1.02 NetIdMgr carps

failed to load  module openafs, mitkrb5, mitkrb4

heimdal is installed and the kinit, aklog,t okens commands work fine

1.7.3.200  OAFS for win otherwise works fine

tedc

Re: [OpenAFS] Request for testing: NATs and 1.6.6pre*

[Ted Creedon]

Would this be why the hourglass symbol no longer appears from a windows XP
client?

Without the hourglass one can't tell if the mouse click on the folder
registered.

tedc


On Thu, Dec 19, 2013 at 9:29 PM, Jukka Tuominen 
jukka.tuomi...@finndesign.fi wrote:


 Hi Andrew,

 I'm running the latest stable fileserver released over

 ppa.launchpad.net/openafs/stable/ubuntu

 which is currently 1.6.5.1 (OS: Ubuntu 10.04 LTS)

 I use a client image that works behind NAT, both inside LAN and over WAN.
 But it does use the latest OpenAFS packages provided by the above
 mentioned ppa server, too.

 Even though things work nicely usability-wise (just boot and log-in
 graphically), I still think it should have a bit smoother two-way data
 transfer behind the scene. Applications like Firefox like to write
 constantly something to a homedir which happens to be on a server. This
 sometimes freezes the application momentarily, even though the amount of
 data transferred is still modest.

 If you think this is the kind of configuration you're interested, and you
 can provide a patch file that works on top of this, I could try to test it
 during the weekend.


 br, jukka

 BTW, if anybody's interested in knowing what OpenAFS is used for here,
 please see www.liitin.org


  Hi all,
 
  1.6.6pre1 and 1.6.6pre2 contain an extra feature in the OpenAFS
  fileserver that could possibly help with communicating with clients
  behind NATs (Network Address Translation). It's not completely certain
  how much this feature helps, though, so it will be removed from the
  1.6.6 release unless we get some more information about it.
 
  If you are running a fileserver that you believe may have some trouble
  talking to clients behind NATs, testing this feature would be very
  helpful. This is most relevant for any site that may have fileservers
  that are talking to NAT'ed clients, where the clients are old enough to
  not have the client-side NAT improvements (pre-1.6); this is most common
  at sites that have users accessing AFS from home that don't know much
  about AFS. You can test this new feature by just running a fileserver
  with 1.6.6pre* and see if anything improves; there is no additional
  configuration or anything to do.
 
  But how do you know if this is a problem for you at all? Usually the
  most user-visible symptom is that access to AFS hangs while a client is
  tryign to write to AFS, but a lot of different things can cause that.
 
  To know if that is being caused _specifically_ because of problems
  reaching clients behind NATs, you can check the fileserver's FileLog. In
  there, if you see a lot of log messages talking about errors trying to
  contact specific IPs and port numbers, you may be suffering from this.
 
  In particular, it's somewhat likely to be related to NATs if you see a
  lot of such error messages logged referring to non-7001 ports. And it's
  especially likely if you see a lot of connection errors for non-7001
  ports that are obviously incrementing over time. (For example, you see
  an error for port 8005, then 8006, then 8007, etc, all from the same
  IP.)
 
  It can also help to know if the IPs you see logged in FileLog are behind
  NATs in the first place. If you have no way of knowing that, you can
  sort-of detect what hosts may be behind NATs by sending the fileserver
  the SIGXCPU signal, and looking at the resulting
  /usr/afs/local/hosts.dump file. If you see an entry for a host with a
  public IP like ip:203.0.113.40, and later on in that entry you see a
  list of IPs that include private IPs, like [ 203.0.113.40:7001
  192.168.1.5:7001], that host may be behind a NAT.
 
  Detecting a client behind a NAT in this way is far from perfect, but
  it's just another things to check. Common private IP ranges are of
  course 192.168/16, 172.16/20, and 10/8. A client can obviously be behind
  a NAT without an IP in any of those ranges, but those are commonly used
  by consumer-grade home routers and stuff like that.
 
 
  Anyway, if you ever look into why an OpenAFS fileserver appears to be
  slow/hanging, and the above information suggests that client NATs are an
  issue, it would be very helpful if you tried looking into some posible
  fixes. If you cannot deploy 1.6.6pre* on a server experiencing this
  issue, we can also provide patches specifically for this issue based on
  a previous stable version, if that's more feasible. There are also
  additional possible patches in this area that are not in 1.6.6pre*, if
  you want to try other approaches.
 
  Or even if you can't actually deploy any testing code, I'd still like to
  hear from you if you think you are experiencing issues in this area.
  More information is always appreciated. Remember that if we don't hear
  anything, this will be pulled out.
 
 
  For developers: obviously I'm skipping over the details of what any of
  this actually does. The 'extra feature' is gerrit 9420, which will be
  reverted via gerrit 10135. See also: 

Re: [OpenAFS] Re: Shared admin access for buildbot master

[Ted Creedon]

Would a SuSE build slave be helpful?


On Mon, Sep 9, 2013 at 6:41 PM, Jeffrey Altman jalt...@secure-endpoints.com
 wrote:

 [Moving to openafs-info]

 Jason,

 You are the admin because you volunteered to be.  Not for any other
 reason.  You are welcome to share the responsibility with anyone you trust.

 Jeffrey Altman

 On 9/9/2013 9:18 PM, Jason Edgecombe wrote:
  Hi everyone,
 
  I would like to discuss the topic of sharing admin access and duties
  with others. What would the group like to see happen?
 
  Currently, I am the admin for the buildbot master (and the debian-i386
  slave on the same machine), and I'm the admin of the rhel5 buildslave.
 
  We've had fewer people offer to administer build slaves than host them.
 
  Thanks,
  Jason
  ___
  release-team mailing list
  release-t...@openafs.org
  http://lists.openafs.org/mailman/listinfo/release-team

Re: [OpenAFS] vos shadow to backup user homes

[Ted Creedon]

I usually mount not only /vicepxx but also /usr/afs  /usr/vice on the raid
drives, that way a motherboard upgrade requires swapping the controller 
drives.

A consistent problem is raid driver upgrades which for the low end
controllers never happen.


On Mon, Aug 26, 2013 at 6:46 AM, step...@physics.unc.edu wrote:

 Hi Shouri,

 I've used shadow volumes in the past. Thankfully I never had to test
 bringing an entire shadow server into production. I also plan to use it in
 the near future (barring contrary advice from the list) for a server which
 houses dozens of TBs of research data for a project which can suffer some
 downtime (as long as it's unavoidable) but not as much downtime as would be
 needed to restore dozens of ~1TB volumes.

 I'll leave the topic open though, and would welcome comments on shadow
 volumes from any of the devs.

 Regarding rsync, depending on the size of your partitions, its performance
 may make you cry. I use an rsync-based backup application for my non-AFS
 data and am starting to surpass the limits of what rsync can do in a
 reasonable amount of time and RAM on current hardware.

 However the main reason I'm replying is your comment about RAID. IMO,
 anytime you're configuring a mission-critical system without RAID you're
 probably asking for future headaches. I think the only time I'd consider it
 is if the system had no unique data on it and could be made part of a HA
 cluster using [heartbeat, etc]. But at that point you're just abstracting
 your redundancy at a different level.

 All of my database and fileservers currently use hardware raid (3ware or
 LSI/PERC). But one of my idle time projects -- a bit of an inside joke
 since I have no idle time -- is to play around with ZFS on linux to see if
 I feel it's ready for prime time yet or not.

 PS. I noticed Associate Professor in your signature. Have you consulted
 with your local IT support? If they're not overworked, they may have
 additional advice specific to your site, discipline, etc.

 Cheers,
 Stephen

 On Sun, 25 Aug 2013, Shouri Chatterjee wrote:


 Dear All,

 I wanted to ask about vos shadow and whether it is being used as a
 solution on production systems to back-up user home directories.

 The most significant information I can find is a thread from this email
 archive last year. http://lists.openafs.org/**
 pipermail/openafs-info/2012-**December/039077.htmlhttp://lists.openafs.org/pipermail/openafs-info/2012-December/039077.html

 I can dedicate a server to host only shadow volumes. If an active server
 fails and dies, the shadow copy can be brought online. Is this a better
 solution than, say:
 (1) keeping a periodically rsync'd copy of the /vicepx partitions on a
 shadow server
 (2) afs over drbd

 I am trying to use commodity hardware (no RAID, no scope for software
 RAID either) to build cheap AFS storage.

 Shouri

 

 Shouri Chatterjee
 Associate Professor
 Department of Electrical Engineering
 IIT Delhi, Hauz Khas
 New Delhi 110016
 India

 Phone:  +91 11 2659 1099 (O)
 +91 11 2659 1619 (R)


 __**_
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info

  __**_
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] vos shadow to backup user homes

[Ted Creedon]

The only problem with MD RAID is the lack of admin software support.
If anyone knows of a good GUI...




On Mon, Aug 26, 2013 at 8:06 AM, Harald Barth h...@kth.se wrote:


  However the main reason I'm replying is your comment about RAID. IMO,
  anytime you're configuring a mission-critical system without RAID
  you're probably asking for future headaches.

 My experiences with RAID, especially HW-Raid is mixed. Last week I
 got an DL360 G4 with some built-in HW-RAID(5) that returned read
 errors from the RAID to the OS without failing any drive(s). On an
 email server. Looks to me like a serious bug in the RAID-firmware. I
 even have found high-end RAID (Rio) whose memory did not deploy any
 ECC. One device did make stripes of zeroes into every block that got
 through it. Then there are HW-RAIDs which can detect silent bit-rot
 on your HDs and some that can't.

  All of my database and fileservers currently use hardware raid (3ware
  or LSI/PERC). But one of my idle time projects -- a bit of an inside
  joke since I have no idle time -- is to play around with ZFS on linux
  to see if I feel it's ready for prime time yet or not.

 I currently trust linux SW RAID (MD) and ZFS more than any HW RAID. So
 almost all our file servers have been migrated from HW-RAID to SW-RAID
 or ZFS.

 Plan is to complement that with shadow volumes for some volumes which
 have data that need an way of instant resore.

 Harald.
 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Upgrading

[Ted Creedon]

I have /vicepa and /usr/afs and /usr/vice all mounted on their own
partitions

then I install the new linux, recompile openaffs, install the init scrips
and everything works fiine on 3 servers.

I've done this on every suse release since 9.x

Tedc

On Thu, Apr 4, 2013 at 8:01 AM, Bill MacAllister w...@stanford.edu wrote:



 --On Thursday, April 04, 2013 05:45:27 AM -0700 J skyliner...@yahoo.com
 wrote:

  Wondering if anyone can offer advice as to how best upgrade OpenAFS
 on Debian 5.0.2.  The OpenAFS kernel module package is listed as
 openafs-modules-2.6.26-2-486.

 Should I upgrade Linux first, then OpenAFS?  Or vice versa?  Another
 option would be to build a new server, but I'm wondering which would
 be the less convoluted path.

 Any tutorials or information you can point me to is appreciated.

 John


 If you build a second server you will not need any down time.  You get
 the second server working and vos move everything there.  Then
 shutdown or rebuild the first server.  It makes sense to just upgrade
 the first server and keep it.  Then next time you want to upgrade it
 is a lot less work.  If you do it this way you will want to use Russ
 Allbery's mvto:

  
 http://www.eyrie.org/~eagle/**software/afs-admin-tools/mvto.**htmlhttp://www.eyrie.org/~eagle/software/afs-admin-tools/mvto.html

 Bill

 --

 Bill MacAllister
 Infrastructure Delivery Group, Stanford University

 __**_
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] compile problem w/ 1.6.2 on kernel 3.7.10-1.1 OpenSuSE 12.3 RC2

[Ted Creedon]

OpenSuSE 12.3 RC2 kernel 3.7.10-1.1

./configure --enable-transarc-paths  --enable-namei-fileserver \
--with-linux-kernel-headers=/usr/src/linux --enable-supergroups \
--enable-bitmap-later

compile_et.o: In function `main':
compile_et.c:(.text+0x6ea): undefined reference to `yyin'
compile_et.c:(.text+0x70f): undefined reference to `yyout'
compile_et.c:(.text+0x726): undefined reference to `yyout'
compile_et.c:(.text+0x9f1): undefined reference to `yyin'
compile_et.o: In function `yyerror':
compile_et.c:(.text+0xc91): undefined reference to `yylineno'
error_table.o: In function `yyparse':
error_table.c:(.text+0x948): undefined reference to `yylex'
error_table.c:(.text+0xdca): undefined reference to `yylex'
collect2: error: ld returned 1 exit status
make[3]: *** [compile_et] Error 1
make[2]: *** [comerr] Error 2
make[1]: *** [build] Error 2
make: *** [all] Error 2

1.6.2 compiles OK on kernel 3.1.10-1.16

Re: [OpenAFS] compile problem w/ 1.6.2 on kernel 3.7.10-1.1 OpenSuSE 12.3 RC2

[Ted Creedon]

both byacc  bison were installed, removed byacc

compiling now..

thanks

tedc

On Thu, Mar 7, 2013 at 11:08 AM, Ted Creedon tcree...@easystreet.netwrote:

 yes



 On Thu, Mar 7, 2013 at 11:07 AM, Benjamin Kaduk ka...@mit.edu wrote:

 On Thu, 7 Mar 2013, Ted Creedon wrote:

  OpenSuSE 12.3 RC2 kernel 3.7.10-1.1

 ./configure --enable-transarc-paths  --enable-namei-fileserver \
 --with-linux-kernel-headers=/**usr/src/linux --enable-supergroups \
 --enable-bitmap-later

 compile_et.o: In function `main':
 compile_et.c:(.text+0x6ea): undefined reference to `yyin'
 compile_et.c:(.text+0x70f): undefined reference to `yyout'


 Is bison installed on the system in question?

 -Ben Kaduk

Re: [OpenAFS] Re: Advice on a use case

[Ted Creedon]

How about an update R/W or R/O dropdown for windows

tedc

On Tue, Nov 6, 2012 at 8:49 AM, Andrew Deason adea...@sinenomine.netwrote:

 On Tue, 6 Nov 2012 00:06:53 -0800
 Timothy Balcer timo...@telmate.com wrote:

  I have a need to think about replicating large volumes (multigigabyte)
  of large number (many terabytes of data total), to at least two other
  servers besides the read write volume, and to perform these releases
  relatively frequently (much more than once a day, preferably)

 How much more frequently? Hourly? Some people do 4 times hourly (and
 maybe more) successfully.

  Also, these other two (or more) read-only volumes for each read write
  volume will be remote volumes, transiting across relatively fat, but
  less than gigabit, pipes (100+ megabits)

 Latency may matter more than bandwidth; do you know what it is?

  For the moment what I have decided to experiment with is a simple
  system.  My initial idea is to work the afs read-only volume tree into
  an AUFS union, with a local read write partition in the mix. This way,
  writes will be local, but I can periodically flush writes to the AFS
  tree, double check they have been written and released, and then
  remove them from the local partition.. this should maintain integrity
  and high availability for the up-to-the-moment recordings, given I
  RAID the local volume. Obviously, this still introduces a single point
  of failure... so I'd like to flush as frequently as possible.
  Incidentally, it seems you can NFS export such a union system fairly
  simply.

 I'm not sure I understand the purpose of this; are you trying to write
 new data from all of the 'remote' locations, and you need those writes
 to 'finish' quickly?

  But, I feel as if I am missing something... it has become clear that
  releasing is a pretty intensive operation, and if we're talking about
  multiple gigabytes per release, I can imagine it being extremely
  difficult.  Is there a schema that i can use with OpenAFS that will
  help alleviate this problem? Or perhaps another approach I am missing
  that may solve it better?

 Eh, some people do that; it just reduces the benefit of the client-side
 caching. Every time you release a volume, the server tells clients that
 for all data in that volume, the client needs to check with the server
 to see if the cached data is different from what's actually in the
 volume. But that may not matter so much, especially for a small number
 of large files.

 To improve things, you can maybe try to reduce the number of volumes
 that are changing. That is, if you are adding new data in batches, I
 don't know if it's feasible for you to add that 'batch' of data by
 creating a new volume instead of writing to existing volumes.


 And, of course, the release process may not be fast enough to actually
 do releases as quickly as you want. There are maybe some ways to ship
 around volume dumps yourself to get around that, and some pending
 improvements to the volserver that would help, but I would only think
 about that after you try the releases yourself.

 --
 Andrew Deason
 adea...@sinenomine.net

 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] is YFS a derived work?

[Ted Creedon]

http://opensource.org/licenses/ipl-1.0

IBM PL 1.0 states:

*Contributions do not include additions to the Program which: (i) are
separate modules of software distributed in conjunction with the Program
under their own license agreement, and (ii) are not derivative works of the
Program. *

All software I've received in conjunction with the Program are derivative
works, including the NIM and Windows Client.

YFS needs to demonstrate that it is an Original Work and doesn't look to me
like it is.

Its one more Contribution.

What is the opinion of the Elders?

Ted

On Mon, Oct 1, 2012 at 9:53 PM, Troy Benjegerdes ho...@hozed.org wrote:

 Let's look at this another way...

 If someone actually bothers to file an IP lawsuit of any sort regarding
 AFS,
 then I think this would be the most credible sign of success I could
 possibly
 imagine.

 And then, in that case, if there were an issue, there would be sufficient
 community resources to re-write offending code, or re-purpose/extend things
 like Arla, or the linux kernel kafs client.

 What would be the downside of someone 'forcing' YFS back into the open
 source domain? By that time, there should be plenty of customers wanting
 support contracts that it won't matter.

 On Mon, Oct 01, 2012 at 10:21:54AM -0700, Ted Creedon wrote:
  The IP (intellectual property) in YFS seems to be derived from AFS's IP.
 
  If that case can be made, IBM or any other entity could force YFS back
 into
  the open source domain.
 
  The look and feel of YFS may also be a problem - see Broderbund or
  better yet their attorney's web page.
 
  http://www.quinnemanuel.com/attorneys/stern-claude-m.aspx
 
  My direct experience is from a dispute Tektronix had with ParcPlace over
  Smalltalk licensing back in the '80's.
 
  AFS may be able to claim infringement against other file systems because
 of
  its prior art (but its unpatented?).
 
  Which brings up a point, has IBM or CMU protected AFS's IP in any way?
 
  Tedc

[OpenAFS] is YFS a derived work?

[Ted Creedon]

The IP (intellectual property) in YFS seems to be derived from AFS's IP.

If that case can be made, IBM or any other entity could force YFS back into
the open source domain.

The look and feel of YFS may also be a problem - see Broderbund or
better yet their attorney's web page.

http://www.quinnemanuel.com/attorneys/stern-claude-m.aspx

My direct experience is from a dispute Tektronix had with ParcPlace over
Smalltalk licensing back in the '80's.

AFS may be able to claim infringement against other file systems because of
its prior art (but its unpatented?).

Which brings up a point, has IBM or CMU protected AFS's IP in any way?

Tedc

[OpenAFS] AFS SAles Brochure

[Ted Creedon]

Has anyone ever done an  AFS sales brochure comparing the features of AFS
/w the competition, including the proposed YFS features?

tedc

Re: [OpenAFS] the future

[Ted Creedon]

Is it available unsupported?

tedc

On Mon, Oct 1, 2012 at 5:57 PM, Jeffrey Altman jalt...@your-file-system.com
 wrote:

 On 9/30/2012 4:33 PM, Aaron Knister wrote:
  Regarding support, some type of subscription based model could go a long
 way. One if the reasons (other than frankly ignorance) that OpenAFS was
 frowned upon at UMBC was our lack of commercial support. I know there are
 entities that provide support but they seemed to require more effort than
 clicking a button, selecting my subscription type (X number of FileServers,
 Y number of supported clients, Z number of vldb servers, etc), and typing
 in a credit card number

 I have always received a significant amount of pushback for any pricing
 model that is based upon # of servers and especially # of clients.  That
 is why the YFSI pricing model is based upon number a number of support
 incidents.  It doesn't matter how many platforms you deploy or how many
 servers or number of clients, support is driven by how much support the
 organization requires and whether support is U.S. business hours monday
 to friday or 24/7/365.

 Support packages start at US$4995 per year.

 Jeffrey Altman

Re: [OpenAFS] the future

[Ted Creedon]

I didn't mean an unauthorized shutdown.

How about taking a AFS wide survey using a aklog token driven one time pop
up explaining that AFS is not being updated according to industry standards
and that it needs substantial financial support.

Most users are charged for computer support one way or another. AFS needs
to be included just like Microsoft license fees.

I.e. is there any way to get the users fired up?

On Sat, Sep 29, 2012 at 7:13 AM, Jason Edgecombe ja...@rampaginggeek.comwrote:

 On 09/28/2012 11:33 PM, Troy Benjegerdes wrote:

 If we dust off some old AFS code and paint up with YFS, TFS, and
 WTFS (What The Foo is this File Stuff) logos, and have ourselves
 a nice horserace all the spreadsheet guys can take bets on, what
 might happen?

 As I understand, YFS, Inc. is taking this approach.

  How about at the next DEFCON hacker convention we organize a demo
 of a real-time AFS protocol encryption cracker and file-server spoofer?
 I expect this would have all the impact of turning off your servers but
 conveniently providing someone else to blame. Spreadsheet pushers like
 to play blame games, you know.

 Manager/Security: What do you mean that the bloody protocol is
 compromised and we can't fix it?! How much to get off of this crap right
 now?

 Much backlash. That would just make AFS fail.

 I doubt that we would win any customers by deliberately exposing them to
 security, regulatory, or legal problems.

 Jason

Re: [OpenAFS] the future

[Ted Creedon]

My intent was to foment a user uprising resulting in pressure on the .edu 
.com level administrators to provide funding from established budgets. More
of a corporate funding than individual contributions.

Perhaps a cc to the local spreadsheet managers would get the user needs
better communicated.

I.e. you can't aklog one time only until you fill out the poll, send it in
w/cc to local financial folks.

Tedc

On Sun, Sep 30, 2012 at 8:41 AM, Troy Benjegerdes ho...@hozed.org wrote:


 On Sun, Sep 30, 2012 at 02:49:08AM -0700, Ted Creedon wrote:

  How about taking a AFS wide survey using a aklog token driven one time
 pop
  up explaining that AFS is not being updated according to industry
 standards
  and that it needs substantial financial support.
 
  Most users are charged for computer support one way or another. AFS needs
  to be included just like Microsoft license fees.
 
  I.e. is there any way to get the users fired up?

 I like this. But I think for this to work we need a simple URL like
 'http://openafs.org/donate' that that shows up in the command line aklog
 client, and on a clickable link in the GUI client.

 Currently http://static.usenix.org/about/openafs/ is the only 'donate to
 OpenAFS' link I can find, but that requires cutting a check. The landing
 page for donations needs to accept PayPal, Amazon payments, Dwolla, and
 Bitcoin, as well as form to click saying 'My organization uses openafs,
 please contact __ who has purchasing authority'

 I think it would look better to have a full OpenAFS foundation with clear
 governance, but for the moment, all that is needed is some consensus to
 set up a 'donate' landing page on OpenAFS.org, and someone to set up the
 payment arrangements so checks get regularly cut to the address on the
 Usenix association page.

 If there is a consensus to go ahead with this, I would be willing to offer
 to handle the Dwolla and Bitcoin 'instant donate' links. I can beat
 whatever
 percentage Amazon and Paypal take and still make it worth my time, and I'll
 include the others because it makes for wider audience for contributions.

 If there is not a consensus to go ahead with this within a month or two,
 I'm going to (at whatever glacial pace I feel like it) release TFS
 version(s)
 for Linux, Android, and MacOS that have such a link and donate pages.

[OpenAFS] survey

[Ted Creedon]

how about an OpenAFS survey included as part of the distribution?

Re: [OpenAFS] Funding the formation of an OpenAFS Foundation

[Ted Creedon]

If IBM wants backward compatibility they should pay for it. They're
coasting on your work.

What's in a name? Who cares?

Time to move on despite the risks. I'm willing to pay for AFS as long as I
have access to sources under NDA, license or whatever.

Ted

On Thu, Sep 27, 2012 at 10:49 PM, Russ Allbery r...@stanford.edu wrote:

 Troy Benjegerdes ho...@hozed.org writes:

  So here's a general question for the list: Would you rather see OpenAFS
  end with a bang because the community imploded, or with a whimper when
  all the AFS admins that have been carrying the torch retire and the new
  CIO moves everyone to iCloud or google drive?

 Given those choices (which represent a false dichotomy, but fine, let's
 have this argument anyway), a whimper, because being nasty to other people
 is simply not okay, makes the world a worse place all around, and almost
 never actually helps.

 One of the deep flaws in the open source community at large right now,
 seen in all sorts of different projects, is that it has rather a large
 share of technically-competent abrasive assholes who really *like* being
 assholes and don't want to change, and who have therefore invented a
 marvellous little story that they tell themselves about how their behavior
 is actually courageous truthtelling, brutal honesty, a refusal to settle
 for the status quo, or otherwise part of why they're able to accomplish
 so much good work.  It's all bullshit.  They're just technically-competent
 people who also happen to be assholes.

 The actual reason why so much open source work is done by such people is
 not because they're better at it.  It's because they drive off everyone
 who doesn't have thick skin or enjoys robust exchanges of views or
 whatever today's euphemism is for tolerating abusive behavior, and then
 use the fact that all surviving project members interact like they do as
 proof that their social behavior is acceptable.  It's a self-selecting,
 self-perpetuating ecosystem that I'm increasingly uninterested in
 tolerating.

 It's also not actually productive.  There are more technically-competent
 people in the world who like supportive, cooperative projects with
 functional, adult social expectations than people who thrive on abrasive
 conflict.  If one stops tolerating abusive people, one often finds all
 sorts of people contributing who otherwise would take one look at the
 prevailing tone and just quietly walk away.  Everyone is abrasive
 sometimes, but most people *try* not to be and apologize when they slip,
 and those are the kind of people I want to work with.  It's also the kind
 of person that I want to be, and one starts to emulate the people one
 interacts with, for good or for ill.  There are lots of places I could
 spend my time productively; the nature of the community is a primary
 selection criteria.  (I could also go off on an extended discussion of how
 this particular pattern is deeply entangled with the gender bias in open
 source, but I'll spare you.)

 Besides, whether one attracts more developers that way or not, it's simply
 the right thing to do, at a level that's considerably more important than
 whether AFS survives as a technology or not.

 --
 Russ Allbery (r...@stanford.edu) http://www.eyrie.org/~eagle/
 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] the future

[Ted Creedon]

Its clear to me that the skill set needed to improve AFS is moving on.

My only concern is dealing with vulture capitalists, buyouts and more
financial quicksand.

The reluctance of the major users to fund a mission critical file system
like AFS is yet another example of corporate spread sheet management
stupidity.

I'd turn the file servers off for a day so so  to simulate what the world
would be like w/o AFS.

Perhaps on a triple witching day..

Ted

If you can self fund YFS and I hope you make out as well as Linus.

Re: [OpenAFS] Re: [AFS3-std] Re: IBM will not re-license OpenAFS .xg files

[Ted Creedon]

For what its worth, while at Mentor Graphics, I retained Scott Myers and an
intern to write C++ header files for the IBIS specification.

IBIS specifies how to model complex electronic circuits and interconnect
(i.e. as in Intel  motherboards).

Equivalent complexity.  I built a special room with 36 ft of whiteboard,
Scott would layout the design and the intern would spend a week coding.

So that is my level of effort estimate, once the spec is written, which
took an industry committee of experts a wear to agree on.

Interestingly, the header files spotted several ambiguities in the spec
which is left unresolved guaranteed that multiple vendor IBIS
implementations would be incompatible.

Ted

On Thu, Aug 30, 2012 at 8:56 PM, Derrick Brashear sha...@gmail.com wrote:

  Maintaining OpenAFS involves, among other things:
 
  * Kernel code as well as userspace code for various UNIXes.
  * Mac OS X development (with quite a bit of OS internals involvement).
  * Windows kernel file system development.
  * High-performance threaded code with a complex lock model.
  * A custom network protocol with substantial complexity.
  * Cryptographic network security models.
 
  Some of those things (such as the Windows kernel file system work) no
  other project, open source *or* commercial, does at the level that
 OpenAFS
  does.  This is a level of complexity *far* beyond the typical open source
  project.  The only open source projects I can think of with equivalent
  complexity are primarily maintained by full-time, professional developers
  whose job is to work on that software, and whose salaries are paid by
  companies like Red Hat, Novell, IBM, Google, or Oracle.

 Indeed, it has come back to me through 3rd party channels that Apple
 has told developers
 OpenAFS is doing it, so clearly it can be done ... as outsiders.

 [...]

  * A coherent mobile story for how mobile devices and applications are
going to access data in AFS, including how they can authenticate
 without
using user passwords (which are increasingly a bad authentication story
anywhere but are particularly horrible on mobile devices).

 Apple has made this somewhat harder by removing developer access to the
 hardware
 device identifier.

 Largely I find myself in agreement with the rest of this.


 --
 Derrick
 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Transferring data from old server to new server

[Ted Creedon]

I have /usr/vice and /usr/afs on raid cards

I just unplug the card  move it and the drives to the new box.

ted

On Thu, Jul 26, 2012 at 4:22 AM, Youssef Eldakar
youssefelda...@gmail.comwrote:

 1.4.12+dfsg-3+ubuntu0.1. I am planning to replace this OpenAFS server with
 another one on another machine running Ubuntu 12.04, which comes with
 OpenAFS version 1.6.1-1. What's the simplest way to transfer the data over
 to the new server? Would just rsyncing /vicepa work?

 Thank you for advising.

[OpenAFS] remove RClone

[Ted Creedon]

how does one remove RClone from a vos listvldb?

I.e.
junk.vol
RWrite: 536870936 ROnly: 536870964 RClone: 536870964

Re: [OpenAFS] loccalauth required for 2 of 3 servers

[Ted Creedon]

Best guess is the firewall is slow

the R/W server geronimo is outside and the sync server ookpik and 3rd
server redcloud are inside.

So vos release on redcloud works and vos release on geronimo  ookpik fail
without -localauth

Everything else works fine

I suppose I'll try using geronimo as a default route for but i'll have to
add a firewall to it (fwbuilder0.

ted

On Sat, May 26, 2012 at 5:45 PM, Derrick Brashear sha...@gmail.com wrote:

 ok, where's the failure?


 On Sat, May 26, 2012 at 2:08 PM, Ted Creedon tcree...@easystreet.net
 wrote:
  redcloud is only one of 3 servers that does not require -localauth
 
  the R/W server geronimo and the sync server ookpik fail as follows:
 
  10:20:09.732516 IP ookpik.creedon.biz.60135 
  geronimo.creedon.biz.afs3-vlserver:  rx ack first 2 serial 0 reason delay
  (65)



 --
 Derrick

[OpenAFS] loccalauth required for 2 of 3 servers

[Ted Creedon]

redcloud is only one of 3 servers that does not require -localauth

the R/W server geronimo and the sync server ookpik fail as follows:

10:20:09.732516 IP ookpik.creedon.biz.60135 
geronimo.creedon.biz.afs3-vlserver:  rx ack first 2 serial 0 reason delay
(65)

Re: [OpenAFS] Re: -localauth switch

[Ted Creedon]

 time is Thu May 24 10:51:58 2012
Local time is Thu May 24 10:51:59 2012 (time differential 1 secs)
Last yes vote for 10.1.1.186 was 4 secs ago (sync site);
Last vote started 3 secs ago (at Thu May 24 10:51:56 2012)
Local db version is 1337880395.9
I am not sync site
Lowest host 10.1.1.186 was set 4 secs ago
Sync host 10.1.1.186 was set 4 secs ago
The last trans I handled was 0.6
Sync site's db version is 1337880395.9
0 locked pages, 0 of them for write



On Thu, Apr 12, 2012 at 1:06 PM, Andrew Deason adea...@sinenomine.netwrote:

 On Fri, 6 Apr 2012 14:18:52 -0700
 Ted Creedon tcree...@easystreet.net wrote:

   vos release junk.vol
  Could not lock the VLDB entry for the volume 536870936.
  u: no quorum elected
  Error in vos release command.
  u: no quorum elected

 So, what does 'udebug server 7003' say for each dbserver?

 --
 Andrew Deason
 adea...@sinenomine.net

 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] -localauth switch

[Ted Creedon]

just upgraded to 1.6.1 and need the -localauth switch to vos release a
volume

any clues? the permissions  keys look OK

tedc

Re: [OpenAFS] Re: -localauth switch

[Ted Creedon]

Everything seems  in  order on 3 servers, CellServDB'ss, tokens, udebug,
logs, etc

except one server is dual homed and its second IP address is not in
CellServDB

The following only works with -localauth

 vos release junk.vol
Could not lock the VLDB entry for the volume 536870936.
u: no quorum elected
Error in vos release command.
u: no quorum elected

On Fri, Apr 6, 2012 at 11:23 AM, Andrew Deason adea...@sinenomine.netwrote:

 On Fri, 6 Apr 2012 10:42:34 -0700
 Ted Creedon tcree...@easystreet.net wrote:

  just upgraded to 1.6.1 and need the -localauth switch to vos release a
  volume

 I assume you mean that you used to be able to 'vos release' without
 -localauth. Do you have tokens? What error message do you get?

 --
 Andrew Deason
 adea...@sinenomine.net

 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] HowTo setup OpenAFS cell PDF, german

[Ted Creedon]

Babelfish is not all that bad.

On Wed, Mar 28, 2012 at 9:32 AM, Lars Schimmer l.schim...@cgv.tugraz.atwrote:

 Hi!

 The workshop at the Chemnitz Linux Tag 2012 is done and today I changed
 some parts in the script of that workshop.
 It is now available, I just link here the Chemnitz Linux Tag pages, and
 it is still in german.
 But if you follow the commands, you should be able to setup a new cell
 on your own.

  That PDF is here:
 http://chemnitzer.linux-tage.de/2012/vortraege/folien/1018_OpenAFS.pdf
 The virtual server image on which that workshop is done is here:
 http://tetris.cgv.tugraz.at/clt2012/CLT12.de.tar.bz2

 Maybe someone has time to translate that PDF to english? I can provide a
 .tex file and recreate the PDF afterwards in english.

 MfG,
 Lars Schimmer
 --
 -
 TU Graz, Institut für ComputerGraphik  WissensVisualisierung
 Tel: +43 316 873-5405   E-Mail: l.schim...@cgv.tugraz.at
 Fax: +43 316 873-5402   PGP-Key-ID: 0x4A9B1723
 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: OpenAFS 1.6.0 with Microsoft Active Directory 2008 - Questions about DES

[Ted Creedon]

I think the encryption is incorrect. Should be:DES-CBC-CRC


tedc

On Mon, Jan 9, 2012 at 8:05 AM, Jeff White jaw...@pitt.edu wrote:

 Thanks for the reply.  I'm not sure what about short names would cause
 problems but I recall hearing about that with AD before so I'll assume it's
 just a weird thing/bug with Windows.  I originally created a logon name of
 'afs' not 'afs/pitt.edu' so ktpass or something changed it.  I started
 over with an account named afs-pitt-edu-cell, exported the key, imported
 the key, and of course it still has the DES error as expected.  Do you
 think the KdcUseRequestedEtypesForTicket**s registry change which I can't
 implement without breaking everything as I mentioned before is why DES is
 failing?  I can see in gpresult that DES should be allowed  and the DES box
 is checked on the account so other than that or the attributes Douglas
 Engert mentioned I don't know what could be wrong and I'll have to admit
 defeat and give up.

 C:\Users\jaw171.AFSDC-DEV**ktpass -princ afs/pitt@pitt.edu -mapuser
 afs-pitt-
 edu-cell -pass * -crypto DES-CBC-MD5 +rndpass /mapop add +desonly /ptype
 KRB5_NT
 _PRINCIPAL +dumpsalt -out afs-pitt-edu-cell.keytab
 Targeting domain controller: AFSDC-DEV.pitt.edu
 Using legacy password setting method
 Successfully mapped afs/pitt.edu to afs-pitt-edu-cell.
 Building salt with principalname afs/pitt.edu and domain PITT.EDU(encryption 
 ty
 pe 3)...
 Hashing password with salt PITT.EDUafspitt.edu.
 Key created.
 Output keytab to afs-pitt-edu-cell.keytab:
 Keytab version: 0x502
 keysize 48 afs/pitt@pitt.edu ptype 1 (KRB5_NT_PRINCIPAL) vno 5 etype
 0x3 (DE
 S-CBC-MD5) keylength 8 (0x57100bd91a01155d)
 Account afs-pitt-edu-cell has been set for DES-only encryption.

 Jeff White - Linux/Unix Systems Engineer
 University of Pittsburgh - CSSD


 On 01/08/2012 11:50 AM, Jeffrey Altman wrote:

 Separate from your DES issues, there are two serious problems here.

 1. You are creating an account with a logon name of afs/pitt.edu
 instead of something like afs-pitt-edu-cell and then setting a Service
 Principal Name of afs/pitt@pitt.edu on that account.

 The slash in Kerberos is a name component separator.  When aklog
 requests a ticket for afs/pitt@pitt.edu it is asking the PITT.EDU
 KDC for the principal

   afs pitt.edu

 Not the principal

   afs/pitt.edu

 2. You cannot give the account the name AFS or have a short name of
 AFS.  Doing so will cause name resolution of a...@pitt.edu to succeed
 which will in turn break all of your deployed Windows AFS clients.




  __**_
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] OpenAFS on OpenSuse 12.1: No connection to filesystem

[Ted Creedon]

Works fine here but I compiled my own on 4 Suse 12.1 boxes.

tedc

Re: [OpenAFS] recommended UFS parameters for cache partition?

[Ted Creedon]

Not necessarily true with on disk caching

Disk heads dont recal after every seek

On Tuesday, December 27, 2011, chas williams - CONTRACTOR 
c...@cmf.nrl.navy.mil wrote:
 On Mon, 26 Dec 2011 15:16:16 -0500 (EST)
 Benjamin Kaduk ka...@mit.edu wrote:


 (Or should I just not worry about it and assume that any potential
 improvements would be lost in the noise?)

 other than i believe you still cannot use journaling on the caching
 partition, there isnt much to do.

 however, as with all disks, the closer to the beginning of the disk
 the faster the filesystem will perform.  this is why people now suggest
 putting swap at the beginning of the disk (ignoring any tiny boot
 partitions you might need).
 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Happy Holidays -- Another year in the life of OpenAFS

[Ted Creedon]

Does any docbook conversion support typesetting or am I back to latex?

I meant quarto, I have binding  shearing although I feel like Ben Franklin
sometimes.

The handbook is quite handy.

Tedc

On Fri, Dec 23, 2011 at 5:48 AM, chas williams - CONTRACTOR 
c...@cmf.nrl.navy.mil wrote:

 i would hazard that content is more important than 'ease of use'.  it
 really doesnt matter if you can carry the manual with you if it doesnt
 provide any useful help.

 there is nothing to prevent the current docbook from being rendered
 into quarto (i suspect you meant folio since quarto would be hard to
 use without cutting and binding). you could just do it by simply
 post-processing the .pdf with pdfnup.  if you feel there is something
 specific missing, please open a bug.  i know we are currently missing
 an index for the manual pages -- it got lost in the conversion.

 we also have .epub and .mobi (kindle) versions of the manuals available
 (generated from the same docbook/pod that is generating the .pdf
 and .html) for those that have moved beyond the whole dead trees thing.

 On Thu, 22 Dec 2011 21:51:39 -0800
 Ted Creedon tcree...@easystreet.net wrote:

  Its not the docs content, just the formatting and ease of use.
 
  On Thu, Dec 22, 2011 at 8:39 PM, Jeffrey Altman 
  jalt...@secure-endpoints.com wrote:
 
   On 12/22/2011 8:54 PM, David Boyes wrote:
   
   
   
1. Recreated the IBM format including hyperlinks, appendix,
 permuted
index,
Etc
   
I have the original doc tools used to create the IBM docs, and the
   ability
to produce and translate the .boo files. These tools can
 automagically do
the above if asked.
  
   All of our documentation is now in Docbook.  They include hyperlinks,
   the appendix, index, etc.  The original IBM docs are of little interest
   in 2011.
  
   Jeffrey Altman
  
  

Re: [OpenAFS] Future of maemo port?

[Ted Creedon]

Just another side project.

I need 3 AFS Appliances. They're cheap reliable, easy to maintain and
transportable. Actually I could use several..

On Fri, Dec 23, 2011 at 5:52 AM, Jason Edgecombe ja...@rampaginggeek.comwrote:

 I don't think that I'll be able to help much with that.


 On 12/23/2011 12:55 AM, Ted Creedon wrote:

 AFS as an add on to he Dllink would suit me fine and allow shutting down 3
 servers

 If a larger capacity circuit board is needed, that's not a a problm.

 maybe I'll have time after Jan 1.

 tedc

 On Thu, Dec 22, 2011 at 7:20 PM, Jason Edgecombejason@rampaginggeek.**
 com ja...@rampaginggeek.comwrote:

  Hi Ted,

 Other ARM devices, like the D-Link, that run Linux have a good chance to
 run OpenAFS. debian-arm does exist. I'm just wanted to formally deprecate
 the maemo code, which has been unmaintained for a while.


 On 12/22/2011 01:02 PM, Ted Creedon wrote:

  The Dlink DNS-320 NAS has an 800 MHz ARM + 128M of memory

 If it could be ported, that would be ideal

 I've requested the GPL build tree from Dlink

 I would not be adverse to sponsoring part of a project to provide a
 replacement board for same.

 tedc

 On Thu, Dec 22, 2011 at 9:32 AM, Jason Edgecombejason@rampaginggeek.**
 **
 comja...@rampaginggeek.com**wrote:

  Hi Everyone,

 Are there any objections to removing the maemo port project from the
 wiki?
 Should it be replaced by something else? Maemo is dead and I have no
 clue
 about Meego, its successor. I haven't touched the Maemo port in a
 couple
 of
 years, and I have no device to develop or test on.

 What mobile platforms does it make sense to (hopefully) spend effort
 on?

 Insights? Comments?

 Thanks,
 Jason
 __**_
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info
 **https://lists.openafs.org/mailman/listinfo/openafs-infohttps://lists.openafs.org/**mailman/listinfo/openafs-info
 
 **https://lists.openafs.org/mailman/listinfo/openafs-infohttps://lists.openafs.org/**mailman/listinfo/openafs-info
 **https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info
 

  ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-infohttps://lists.openafs.org/**mailman/listinfo/openafs-info
 **https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info
 


 __**_
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Future of maemo port?

[Ted Creedon]

I flash my own Netgear  firewalls.

The reverse engineering of all the DNS 320 features ought to be done on X86
boxes. i'd like to add VLC and hard disk recovery. The terminal interface
via stelnet or ssh is fine.

Not all the build scripts are included.

On Fri, Dec 23, 2011 at 2:17 PM, Jason Edgecombe ja...@rampaginggeek.comwrote:

 The hardest part will likely be getting a development environment
 installed. There might be a forum or web site to support hacking on the
 Dlink.

 you can also get help from the debian-arm email list:
 http://lists.debian.org/**debian-arm/http://lists.debian.org/debian-arm/


 On 12/23/2011 11:16 AM, Ted Creedon wrote:

 Just another side project.

 I need 3 AFS Appliances. They're cheap reliable, easy to maintain and
 transportable. Actually I could use several..

 On Fri, Dec 23, 2011 at 5:52 AM, Jason Edgecombejason@rampaginggeek.**
 com ja...@rampaginggeek.comwrote:

  I don't think that I'll be able to help much with that.


 On 12/23/2011 12:55 AM, Ted Creedon wrote:

  AFS as an add on to he Dllink would suit me fine and allow shutting
 down 3
 servers

 If a larger capacity circuit board is needed, that's not a a problm.

 maybe I'll have time after Jan 1.

 tedc

 On Thu, Dec 22, 2011 at 7:20 PM, Jason Edgecombejason@rampaginggeek.**
 **

 comja...@rampaginggeek.com**wrote:

  Hi Ted,

 Other ARM devices, like the D-Link, that run Linux have a good chance
 to
 run OpenAFS. debian-arm does exist. I'm just wanted to formally
 deprecate
 the maemo code, which has been unmaintained for a while.


 On 12/22/2011 01:02 PM, Ted Creedon wrote:

  The Dlink DNS-320 NAS has an 800 MHz ARM + 128M of memory

 If it could be ported, that would be ideal

 I've requested the GPL build tree from Dlink

 I would not be adverse to sponsoring part of a project to provide a
 replacement board for same.

 tedc

 On Thu, Dec 22, 2011 at 9:32 AM, Jason Edgecombejason@rampaginggeek.
 
 **
 comja...@rampaginggeek.comwrote:

  Hi Everyone,

  Are there any objections to removing the maemo port project from the
 wiki?
 Should it be replaced by something else? Maemo is dead and I have no
 clue
 about Meego, its successor. I haven't touched the Maemo port in a
 couple
 of
 years, and I have no device to develop or test on.

 What mobile platforms does it make sense to (hopefully) spend effort
 on?

 Insights? Comments?

 Thanks,
 Jason
 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-**infohttps://lists.openafs.org/**mailman/listinfo/openafs-info
 https://lists.openafs.**org/mailman/listinfo/**openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info
 
 **https://lists.openafs.org/**mailman/listinfo/openafs-**infohttps://lists.openafs.org/mailman/listinfo/openafs-info
 https://lists.openafs.**org/**mailman/listinfo/**openafs-infohttps://lists.openafs.org/**mailman/listinfo/openafs-info
 
 **https://lists.openafs.org/**mailman/listinfo/openafs-**infohttps://lists.openafs.org/mailman/listinfo/openafs-info
 https://lists.openafs.**org/**mailman/listinfo/**openafs-infohttps://lists.openafs.org/**mailman/listinfo/openafs-info
 
 **https://lists.openafs.org/mailman/listinfo/openafs-infohttps://lists.openafs.org/**mailman/listinfo/openafs-info
 **https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info
 
  __**_

 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info
 **https://lists.openafs.org/mailman/listinfo/openafs-infohttps://lists.openafs.org/**mailman/listinfo/openafs-info
 
 **https://lists.openafs.org/mailman/listinfo/openafs-infohttps://lists.openafs.org/**mailman/listinfo/openafs-info
 **https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info
 

  ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-infohttps://lists.openafs.org/**mailman/listinfo/openafs-info
 **https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info
 


 __**_
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Happy Holidays -- Another year in the life of OpenAFS

[Ted Creedon]

A documentation week would be more like it.

My private docs stopped development some years ago using LaTex:

1. Recreated the IBM format including hyperlinks, appendix, permuted index,
etc
2. Devised a customizable Quick Start Guide specific to each OS and default
paths (Transarc, etc) using a single source file with 2 switches.
3. Published a quarto volume handbook which is quite handy (4 pages/sheet 2
sided).

If I can be of help

Merry Christmas and thanks for all your hard work.


Tedc

Re: [OpenAFS] Future of maemo port?

[Ted Creedon]

The Dlink DNS-320 NAS has an 800 MHz ARM + 128M of memory

If it could be ported, that would be ideal

I've requested the GPL build tree from Dlink

I would not be adverse to sponsoring part of a project to provide a
replacement board for same.

tedc

On Thu, Dec 22, 2011 at 9:32 AM, Jason Edgecombe ja...@rampaginggeek.comwrote:

 Hi Everyone,

 Are there any objections to removing the maemo port project from the wiki?
 Should it be replaced by something else? Maemo is dead and I have no clue
 about Meego, its successor. I haven't touched the Maemo port in a couple of
 years, and I have no device to develop or test on.

 What mobile platforms does it make sense to (hopefully) spend effort on?

 Insights? Comments?

 Thanks,
 Jason
 __**_
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Happy Holidays -- Another year in the life of OpenAFS

[Ted Creedon]

Its not the docs content, just the formatting and ease of use.

On Thu, Dec 22, 2011 at 8:39 PM, Jeffrey Altman 
jalt...@secure-endpoints.com wrote:

 On 12/22/2011 8:54 PM, David Boyes wrote:
 
 
 
  1. Recreated the IBM format including hyperlinks, appendix, permuted
  index,
  Etc
 
  I have the original doc tools used to create the IBM docs, and the
 ability
  to produce and translate the .boo files. These tools can automagically do
  the above if asked.

 All of our documentation is now in Docbook.  They include hyperlinks,
 the appendix, index, etc.  The original IBM docs are of little interest
 in 2011.

 Jeffrey Altman

Re: [OpenAFS] Future of maemo port?

[Ted Creedon]

AFS as an add on to he Dllink would suit me fine and allow shutting down 3
servers

If a larger capacity circuit board is needed, that's not a a problm.

maybe I'll have time after Jan 1.

tedc

On Thu, Dec 22, 2011 at 7:20 PM, Jason Edgecombe ja...@rampaginggeek.comwrote:

 Hi Ted,

 Other ARM devices, like the D-Link, that run Linux have a good chance to
 run OpenAFS. debian-arm does exist. I'm just wanted to formally deprecate
 the maemo code, which has been unmaintained for a while.


 On 12/22/2011 01:02 PM, Ted Creedon wrote:

 The Dlink DNS-320 NAS has an 800 MHz ARM + 128M of memory

 If it could be ported, that would be ideal

 I've requested the GPL build tree from Dlink

 I would not be adverse to sponsoring part of a project to provide a
 replacement board for same.

 tedc

 On Thu, Dec 22, 2011 at 9:32 AM, Jason Edgecombejason@rampaginggeek.**
 com ja...@rampaginggeek.comwrote:

  Hi Everyone,

 Are there any objections to removing the maemo port project from the
 wiki?
 Should it be replaced by something else? Maemo is dead and I have no clue
 about Meego, its successor. I haven't touched the Maemo port in a couple
 of
 years, and I have no device to develop or test on.

 What mobile platforms does it make sense to (hopefully) spend effort on?

 Insights? Comments?

 Thanks,
 Jason
 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-infohttps://lists.openafs.org/**mailman/listinfo/openafs-info
 **https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info
 


 __**_
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/**mailman/listinfo/openafs-infohttps://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: windows openafs cache not updating

[Ted Creedon]

My problem may be Norton, I'll check it out

ted

On Mon, Dec 12, 2011 at 6:27 PM, Jonathan Nilsson jnils...@uci.edu wrote:

  FindClient: stillborn client 74024d60(d16fe8cc); conn 180213d0
  (host MY.CLI.ENT.IP:7001) had client f402fa30(d16fe8cc)
  CB: RCallBackConnectBack (host.c) failed for host MY.CLI.ENT.IP:7001
  CB: WhoAreYou failed for host 34015890 (MY.CLI.ENT.IP:7001), error 1
 
  Could these messages be indicating a problem? (They appear frequently in
  the logs and I cannot tell if they correspond to specific read or write
  actions on the clients.)

 Yes, they indicate that the fileserver cannot contact that client to
 tell it that the files have changed (well, the latter two, anyway). Is
 that client behind a NAT or some kind of stateful firewall?


 No, the client has a static IP.


 Assuming not, a simple test you can perform to check that a client is

 reachable from the fileserver is by running:

 rxdebug client 7001 -version


 doh! that does not respond.

 in Control Panel - Windows Firewall - Allow a program or feature
 through Windows Firewall it seems like the OpenAFS client must have
 attempted to add itself, but not completely... i see a checkbox under the
 Public network type, but not in the Domain or Home/Work (Private)
 network type.  when I add those checkboxes, then rxdebug client 7001
 -version works.

 is it intentional to only allow 7001 on Public networks but not on Domain
 networks?

 thanks for the quick reply!
 --
 Jonathan



 from the fileserver. If that does not respond with the version of that
 client, check firewalls et al and allow port udp 7001 to the client.
 This is assuming, though, that the client generally stays up. It can be
 normal to see messages like that if the client is abruptly removed from
 the network or shutdown in an unclean fashion, etc.

 --
 Andrew Deason
 adea...@sinenomine.net

 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info




 --
 Jonathan.Nilsson at uci dot edu
 Social Sciences Computing Services
 SSPB 1265 | 949.824.1536

Re: [OpenAFS] windows openafs cache not updating

[Ted Creedon]

Same problem here w/ XP using 1.7.01

Linux clients are OK

On Mon, Dec 12, 2011 at 4:40 PM, Jonathan Nilsson jnils...@uci.edu wrote:

 Hello,

 Has anyone had cache inconsistency problems with Windows clients?

 Two Windows 7 64-bit OpenAFS 1.7.3 clients are not seeing the same files
 when they look at the same volume via two different RW mount points. One
 client is making changes, and the other client is just reading the files,
 but both are accessing the volume via an RW mount point so that a 'vos
 release' won't be necessary. We've seen this problem occasionally before
 with earlier versions of OpenAFS too, but never bothered much because it
 seemed to fix itself eventually. But now, the only thing that makes the
 files show up is a reboot. An AFS - flush volume command from the
 context menu does not solve the problem.

 Some additional info: the server housing this volume is CentOS 6 64-bit,
 OpenAFS 1.4.14. We see messages like these scattered about in the FileLog
 for the client that is not seeing the changed files:

 FindClient: stillborn client 74024d60(d16fe8cc); conn 180213d0
 (host MY.CLI.ENT.IP:7001) had client f402fa30(d16fe8cc)
 CB: RCallBackConnectBack (host.c) failed for host MY.CLI.ENT.IP:7001
 CB: WhoAreYou failed for host 34015890 (MY.CLI.ENT.IP:7001), error 1

 Could these messages be indicating a problem? (They appear frequently in
 the logs and I cannot tell if they correspond to specific read or write
 actions on the clients.)

 --
 Jonathan.Nilsson at uci dot edu
 Social Sciences Computing Services
 SSPB 1265 | 949.824.1536

Re: [OpenAFS] /afs mounts RO on kernel 3.1.0-1.1

[Ted Creedon]

Looks like the mount points are all # (no%) and rooot.affs  root.cell have
disappeared.

Will vos dump everything and remount all.

The strangest thing is that some some machines the # mount points are
writable;

ted

On Tue, Nov 15, 2011 at 8:40 AM, Marc Dionne marc.c.dio...@gmail.comwrote:

 On Sat, Nov 12, 2011 at 19:51, Ted Creedon tcree...@easystreet.net
 wrote:
  I'm upgrading my Linux bpxes to open suse 12.1 RC2 (3.1.0-1.1)

 I wouldn't recommend running a 3.1 kernel with OpenAFS 1.6.0.  There's
 a bug that will eventually cause your system to hang under load.  It
 is fixed in the master branch, and will be part of any upcoming 1.6
 releases.

  While openafs-1.6.0 compiles  installs OK the /afs/.creedon.biz file
 system
  gets mounted RO
 
  Other 1.6.0  versions of the client on other boxes with older kernels
 still
  are writable but the newer 1.6.0 client doesn't
  seem to work on kernel 3.1.0-1.1. but does work on kernel 2.6.34.7-0.7.
 
 
  eg:
 
  touch  /afs/.creedon.biz/junk/foo
  touch: cannot touch `/afs/.creedon.biz/junk/foo': Read-only file system

 I have a few systems with 3.1 and 3.2-rc kernels (but running master,
 not 1.6) and this behaves normally for my cells.

 Marc

[OpenAFS] /afs mounts RO on kernel 3.1.0-1.1

[Ted Creedon]

I'm upgrading my Linux bpxes to open suse 12.1 RC2 (3.1.0-1.1)

While openafs-1.6.0 compiles  installs OK the /afs/.creedon.biz file
system gets mounted RO

Other 1.6.0  versions of the client on other boxes with older kernels still
are writable but the newer 1.6.0 client doesn't
seem to work on kernel 3.1.0-1.1. but does work on kernel 2.6.34.7-0.7.


eg:

touch  /afs/.creedon.biz/junk/foo
touch: cannot touch `/afs/.creedon.biz/junk/foo': Read-only file system

any help would be appreciated

tedc

Re: [OpenAFS] OpenAFS 1.6.002 on Windows; No Network Access doesn't mean anything

[Ted Creedon]

I'm having the same problem - can't set up a writable share but can view
using a browser

Hope there's a quick fix

tedc

On Mon, Sep 12, 2011 at 3:01 PM, Jeffrey Altman 
jalt...@secure-endpoints.com wrote:

 The AFS adapter is a loopback adapter.  It has no Internet access
 because it isn't a network on which there is a router.

 On 9/12/2011 5:25 PM, John Tang Boyland wrote:
  I'm embarrassed to say that after two years of trying to get students to
  successfully install OpenAFS on Windows, I find that one of the
  diagnostics I was using is irrelevant.  When a student installed OpenAFS
  but didn't get things to work, since I don't know Windows at all,
  I would try to wander around the myriad pages in the explorer.
 
  I stumbled on the Network and Sharing Center and sure enough
  AFS would be listed as an Unidentified Network and that
  it had No network access.  I would click on AFS and get
  an AFS status page that shows IPv4 connectivity: No network access
  and activity: XXX packets sent and 0 received.
 
  We would try various magic incantations to get AFS to work.
  If they worked (i.e. we could go to \\afs\cs.uwm.edu in the Explorer
  window), the student would be happy and go off.  And I wouldn't
  see the computer again.
 
  Finally someone got me my own computer to experiment with and
  (surprise surpise) even when AFS is working just fine, the Network
  and Sharing center STILL says that AFS has no network access.
  So, a view that I thought would help with diagnosis is worthless.
 
  Regards,
  John
  ___
  OpenAFS-info mailing list
  OpenAFS-info@openafs.org
  https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: openafs-1.6.0pre2 issues

[Ted Creedon]

ookpik:/usr/afs/logs # rxdebug 10.1.1.211 7003
Trying 10.1.1.211 (port 7003):
^C
ookpik:/usr/afs/logs # rxdebug lizzy 7003
Trying 10.1.1.211 (port 7003):
^C
ookpik:/usr/afs/logs # rxdebug lizzy 7003
Trying 10.1.1.211 (port 7003):
^C

will backport to 1.4.14 and see what happens, if similar will tcpdump; no
firewalls

thanks

ted



On Wed, Feb 16, 2011 at 3:20 PM, Andrew Deason adea...@sinenomine.netwrote:

 On Wed, 16 Feb 2011 15:32:46 -0600
 Ted Creedon tcree...@easystreet.net wrote:

  Andlizzy:/usr/afs/logs # udebug localhost 7003
  Host's addresses are: 10.1.1.211

 Okay, um... from ookpik:

 rxdebug 10.1.1.211 7003
 rxdebug lizzy 7003
 udebug 10.1.1.211 7003

 I'm assuming there's no firewall on lizzy that could be interfering with
 this? You could try downgrading to 1.4.14 to see if it changes anything,
 but I have a hard time imagining what could possibly be doing that.

 --
 Andrew Deason
 adea...@sinenomine.net

Re: [OpenAFS] Re: openafs-1.6.0pre2 issues

[Ted Creedon]

Backported to 1.4.14 same problem, but getting an error message

ookpik:~ # rxdebug lizzy 7003
Trying 10.1.1.211 (port 7003):
getstats call failed with code -1
ookpik:~ #

tcpdump on lizzy while udebug'ed from ookpik

lizzy.creedon.biz.afs3-prserver  ookpik.creedon.biz.afs3-prserver: [bad udp
cksum d710!]  rx abort cid 12785f50 call# 67 seq 0 ser 68 secindex 2
serviceid 50 pt ubik reply vote-beacon vote yes until 2011/02/16 16:39:06
(32)

Re: [OpenAFS] Re: openafs-1.6.0pre2 issues

[Ted Creedon]

Did an iptables -L on lizzy and guess what?

Somehow the firewall got turned on.

back to 1.6.

ted

Re: [OpenAFS] 127.0.0.2 keeps popping up

[Ted Creedon]

That's the point no 127.0.0.2 anywhere on any machine

But putting it into NetRestrict on redcloud cured the problem

There's a subtle bug somewhere either in afs or the called routine from
Linux

Udebug disclosed the second address when there was none

This will show up in any machine with wi-fi (which I disable)

ted

On Fri, Feb 11, 2011 at 7:08 PM, Derrick Brashear sha...@gmail.com wrote:

 look at /etc/hosts on the machine? see if it's providing that as an ip
 for your hostname.

 On Fri, Feb 11, 2011 at 7:37 PM, Ted Creedon tcree...@easystreet.net
 wrote:
  ookpik (10.1.1.186) reports Fri Feb 11 16:12:02 2011 ubik: A Remote
 Server
  has addresses: Fri Feb 11 16:12:02 2011 10.1.1.210 Fri Feb 11 16:12:02
 2011
  127.0.0.2
 
  and server redcloud's adddress (10.1.1.210) gets changed to 127.0.0.2
  replecing redcloud.creedon.biz
 
  I.e.
 
  vos listvldb
 
  z2001.vol
  RWrite: 536870918 ROnly: 536870919
  number of sites - 4
 server geronimo.creedon.biz partition /vicepa RW Site
 server geronimo.creedon.biz partition /vicepa RO Site
 server ookpik.creedon.biz partition /vicepa RO Site
 server 127.0.0.2 partition /vicepa RO Site
 
   vos listaddrs
 
  ookpik.creedon.biz
  geronimo.creedon.biz
  geronimo1.creedon.biz
  127.0.0.2
  redcloud.creedon.biz
 
  Happens frequently
 
  tedc
 
  Openafs ver 1.4.14
 
  Linux'es
 
  redcloud 2.6.34.7-0.7-desktop-ted
  geronimo 2.6.34.7-0.7-desktop-ted
  ookpik 2.6.27.7-9-i7
 
 



 --
 Derrick

[OpenAFS] 127.0.0.2 keeps popping up

[Ted Creedon]

ookpik (10.1.1.186) reports Fri Feb 11 16:12:02 2011 ubik: A Remote Server
has addresses: Fri Feb 11 16:12:02 2011 10.1.1.210 Fri Feb 11 16:12:02 2011
127.0.0.2

and server redcloud's adddress (10.1.1.210) gets changed to 127.0.0.2
replecing redcloud.creedon.biz

I.e.

vos listvldb

z2001.vol
RWrite: 536870918 ROnly: 536870919
number of sites - 4
   server geronimo.creedon.biz partition /vicepa RW Site
   server geronimo.creedon.biz partition /vicepa RO Site
   server ookpik.creedon.biz partition /vicepa RO Site
   server 127.0.0.2 partition /vicepa RO Site

 vos listaddrs

ookpik.creedon.biz
geronimo.creedon.biz
geronimo1.creedon.biz
127.0.0.2
redcloud.creedon.biz

Happens frequently

tedc

Openafs ver 1.4.14

Linux'es

redcloud 2.6.34.7-0.7-desktop-ted
geronimo 2.6.34.7-0.7-desktop-ted
ookpik 2.6.27.7-9-i7

Re: [OpenAFS] openafs on suse 10.2 with kernel 2.6.18.2-34-default

[Ted Creedon]

I have always compiled the sources for SuSE.

Move the libafs'uname-r'.ko from /usr/vice/etc to /lib/modules/'uname
-r'/kernel/fs/afs and do a depmod.

SuSE has /etc/init.d/afs-client and /etc/init.d/afs-sserver to stop/start
afs. afs-client reads /etc/sysconfig/afs-client

the with --mit-krb5 configure switch needs to be used to get aklog
compiled...

Tedc

On Wed, Feb 2, 2011 at 5:21 AM, rosatrancoso rosatranc...@gmail.com wrote:

 Hello!

 I am trying to install openafs in machines with:

 cat /etc/SuSE-release: openSUSE 10.2 (X86-64)
 uname -r : 2.6.18.2-34-default

 I need to install openafs-client (which needs openafs) and
 openafs-krb5-mit.
 Everything installs OK but when I try to activate the service, it says that
 openafs-client is not installed.
 Why?
 Do I need to install openafs-kmp-default? The problem with this is that the
 available version of this rpm is not compatible with my kernel (2.6.18
 versus
 http://download.opensuse.org/repositories/filesystems/SLE_10/x86_64/openafs-kmp-default-1.4.12.1_2.6.16.46_0.12-11.1.x86_64.rpm)
 I don't want to update the kernel as my machine has very important services
 running,..

 So, what can I do? Compile openafs-kernel-source? Are there any other
 rpm's?

 Thank you
 Rosa

Re: [OpenAFS] Re: client crashes 1.4.14

[Ted Creedon]

I can start the client (on the server geronimo) and get an aklog token

Since the -localauth switch works, I asssume its keyed properly (single des
same kvno)

If I do an ls /afs the cpu stops and a hard reset is required

I suspect that the problem is in the mounts

I have 3 more machines to experiment with all are 2.6.x kernels and the
1.4.14 tar.gz release source

There are no error messages (the 1.6pre1 seemed to work on geronimo except
for the RX cleanup errors.).

the volumes all salvage OK  sync

Ted

On Tue, Jan 18, 2011 at 6:25 PM, Andrew Deason adea...@sinenomine.netwrote:

 On Tue, 18 Jan 2011 15:54:42 -0800
 Ted Creedon tcree...@easystreet.net wrote:

  1.4.14 openafs  on 2.6.34.7-0.7 linux

 Distro? And does this occur on 1.4.12.1? Because 1.4.14 is almost
 exactly the same as 1.4.12.1.

  the following  happens when the client is started
 
  Message from syslogd@geronimo at Jan 18 15:50:59 ...
   kernel:[ 6918.225730] invalid opcode:  [#1] PREEMPT SMP
 
  Message from syslogd@geronimo at Jan 18 15:50:59 ...
   kernel:[ 6918.225737] last sysfs file:
 
 /sys/devices/pci:00/:00:14.1/host1/target1:0:0/1:0:0:0/block/sdb/uevent

 We need more than that. All of the stuff around/after 'Call Trace:' or
 similar, and anything with 'openafs:' would probably help to at least
 point at something. You also typically want the text immediately
 _before_ the [cut here] - [please bite here]   marker.

 All of that should be in syslog (possibly kern.log, or 'messages', or
 wherever the relevant syslog messages get sent to)

 --
 Andrew Deason
 adea...@sinenomine.net

 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: client crashes 1.4.14

[Ted Creedon]

bos listkeys $S
bos: security object was passed a bad ticket error encountered while listing
keys
 bos listkeys $S -localauth
key 1 has cksum 1520092366
Keys last changed on Tue Jan 18 17:17:58 2011.
All done.

Looks like a keying problem - is there any way to print the key out rather
than the checksum so I can check against asetkey?

Ted
On Wed, Jan 19, 2011 at 9:20 AM, Andrew Deason adea...@sinenomine.netwrote:

 On Wed, 19 Jan 2011 09:10:58 -0800
 Ted Creedon tcree...@easystreet.net wrote:

  If I do an ls /afs the cpu stops and a hard reset is required

 So, I take this to mean that the machine is unresponsive? Can you try
 pressing Alt-SysRq-t and see if the process list traces are recorded
 when this occurs?

 --
 Andrew Deason
 adea...@sinenomine.net

 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: client crashes 1.4.14

[Ted Creedon]

I'll fix that - just figured out how ktutil won't wkt to an existing file
(except append)

ted

On Wed, Jan 19, 2011 at 10:09 AM, Derrick Brashear sha...@gmail.com wrote:

 On Wed, Jan 19, 2011 at 12:48 PM, Ted Creedon tcree...@easystreet.net
 wrote:
  bos listkeys $S
  bos: security object was passed a bad ticket error encountered while
 listing
  keys

 with admin tokens?
 try -c (your cell)?


  Looks like a keying problem - is there any way to print the key out
 rather
  than the checksum so I can check against asetkey?

 doesn't look like a keying problem yet. not enough info to tell.

Re: [OpenAFS] resurrecting dead server

[Ted Creedon]

vos syncserv -server $S -partition a -dryrun -cell $C -localauth -verbose

ends up with Aborted
cut
7f9ebdaec000-7f9ebdaed000 rw-p  00:00 0
7fff833da000-7fff83425000 rw-p  00:00 0
[stack]
7fff83545000-7fff83546000 r-xp  00:00 0
[vdso]
ff60-ff601000 r-xp  00:00 0
[vsyscall]
Aborted



On Tue, Jan 18, 2011 at 11:26 AM, Ted Creedon tcree...@easystreet.netwrote:

 I did a reinstall, kerberos, linux, everything

 Do I need to set up root.cell and root.afs prior to syncing /vicepa?

 ted


 On Sun, Jan 16, 2011 at 12:26 PM, Jason Edgecombe ja...@rampaginggeek.com
  wrote:

 I recommend a reinstall, then copy /usr/afs/etc from another server to
 copy the KeyFile, CellServ, etc.

 Jason

 On 01/16/2011 01:48 PM, Ted Creedon wrote:

 How about moving the /usr/afs directories from a known good server to the
 RW
 server and doing the same?

 ted

 On Sun, Jan 16, 2011 at 7:10 AM, Jason Edgecombeja...@rampaginggeek.com
 wrote:

  On 01/15/2011 01:05 PM, Ted Creedon wrote:

  my R/W server died but /vicepa and /vicepb were saved on their raid
 drives.
 this server also ran the krb5kdc...

 there are 2 other RO servers still OK but 2 out of 20 volumes are not
 up
 to
 date. both were running upclient etc

 the data on the RO servers is:
 /usr/afs/db:
 total 316
 drwx-- 2 root root   4096 May  5  2009 ./
 drwxr-xr-x 7 root root   4096 May  6  2009 ../
 -rw--- 1 root root   1088 May  2  2009 bdb.DB0
 -rw--- 1 root root 64 Jan  7 12:18 bdb.DBSYS1
 -rw--- 1 root root  68672 May  5  2009 prdb.DB0
 -rw--- 1 root root  68672 May  5  2009 prdb.DB0.bak
 -rw--- 1 root root 64 Jan  7 12:18 prdb.DBSYS1
 -rw--- 1 root root 64 May  5  2009 prdb.DBSYS1.bak
 -rw--- 1 root root 18 Jan  7 12:18 vldb.DB0
 -rw--- 1 root root 64 Jan  7 13:50 vldb.DBSYS1

 /usr/afs/etc:
 total 80
 drwxr-xr-x 2 root root  4096 Jun 16  2010 ./
 drwxr-xr-x 7 root root  4096 May  6  2009 ../
 -rw-r--r-- 1 root root   162 Jan  7 12:17 CellServDB
 -rw--- 1 root root   100 May  6  2009 KeyFile
 -rw-r--r-- 1 root root10 May  2  2009 NetRestrict
 -rw-r--r-- 1 root root11 May  6  2009 ThisCell
 -rw-r--r-- 1 root root39 Nov 15  2008 UserList

 /usr/afs/local:
 total 24
 drwx-- 2 root root 4096 Jan  7 13:53 ./
 drwxr-xr-x 7 root root 4096 May  6  2009 ../
 -rw-r--r-- 1 root root  313 Apr 30  2009 BosConfig
 -rw-r--r-- 1 root root   10 May  6  2009 NetRestrict
 -rw-r--r-- 1 root root0 Jan  7 13:53 SALVAGE.fs
 srwxr-xr-x 1 root root0 Jan  7 12:22 fssync.sock=
 -rw-r--r-- 1 root root0 May  2  2009 salvage.lock
 -rw-r--r-- 1 root root   32 Jan  7 11:55 sysid
 -rw-r--r-- 1 root root   32 Jan  7 11:00 sysid.old


 what's the best way to proceed after I rekey

 PS I also have vos dump files but the 2 aforementiined volumes are not
 up
 to
 date.

 thanks

 tedc

  I suggest connecting the raid drives to another server, possibly one
 of

 your R/O servers. Mount the /vicepX partitions, restart the fileserver,
 then
 run vos syncserv and vos syncvldb to have the recovered volumes be
 remapped to the different server.


 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] resurrecting dead server

[Ted Creedon]

Does that mean it works or not?

PS vicepa has
root.afs  536870912 RW  4 K On-line
root.afs.readonly 536870913 RO  4 K On-line
root.cell 536870915 RW   2634 K On-line
root.cell.readonly536870916 RO 24 K On-line

do these need to be mounted before or after syncing?

Ted


On Tue, Jan 18, 2011 at 11:46 AM, Derrick Brashear sha...@gmail.com wrote:

 that's fixed post-1.6.0pre1. pre2 isn't out yet.

 On Tue, Jan 18, 2011 at 2:42 PM, Ted Creedon tcree...@easystreet.net
 wrote:
  vos syncserv -server $S -partition a -dryrun -cell $C -localauth -verbose
 
  ends up with Aborted
  cut
  7f9ebdaec000-7f9ebdaed000 rw-p  00:00 0
  7fff833da000-7fff83425000 rw-p  00:00 0
  [stack]
  7fff83545000-7fff83546000 r-xp  00:00 0
  [vdso]
  ff60-ff601000 r-xp  00:00 0
  [vsyscall]
  Aborted
 
 
 
  On Tue, Jan 18, 2011 at 11:26 AM, Ted Creedon tcree...@easystreet.net
  wrote:
 
  I did a reinstall, kerberos, linux, everything
 
  Do I need to set up root.cell and root.afs prior to syncing /vicepa?
 
  ted
 
  On Sun, Jan 16, 2011 at 12:26 PM, Jason Edgecombe
  ja...@rampaginggeek.com wrote:
 
  I recommend a reinstall, then copy /usr/afs/etc from another server to
  copy the KeyFile, CellServ, etc.
 
  Jason
 
  On 01/16/2011 01:48 PM, Ted Creedon wrote:
 
  How about moving the /usr/afs directories from a known good server to
  the RW
  server and doing the same?
 
  ted
 
  On Sun, Jan 16, 2011 at 7:10 AM, Jason
  Edgecombeja...@rampaginggeek.comwrote:
 
  On 01/15/2011 01:05 PM, Ted Creedon wrote:
 
  my R/W server died but /vicepa and /vicepb were saved on their raid
  drives.
  this server also ran the krb5kdc...
 
  there are 2 other RO servers still OK but 2 out of 20 volumes are
 not
  up
  to
  date. both were running upclient etc
 
  the data on the RO servers is:
  /usr/afs/db:
  total 316
  drwx-- 2 root root   4096 May  5  2009 ./
  drwxr-xr-x 7 root root   4096 May  6  2009 ../
  -rw--- 1 root root   1088 May  2  2009 bdb.DB0
  -rw--- 1 root root 64 Jan  7 12:18 bdb.DBSYS1
  -rw--- 1 root root  68672 May  5  2009 prdb.DB0
  -rw--- 1 root root  68672 May  5  2009 prdb.DB0.bak
  -rw--- 1 root root 64 Jan  7 12:18 prdb.DBSYS1
  -rw--- 1 root root 64 May  5  2009 prdb.DBSYS1.bak
  -rw--- 1 root root 18 Jan  7 12:18 vldb.DB0
  -rw--- 1 root root 64 Jan  7 13:50 vldb.DBSYS1
 
  /usr/afs/etc:
  total 80
  drwxr-xr-x 2 root root  4096 Jun 16  2010 ./
  drwxr-xr-x 7 root root  4096 May  6  2009 ../
  -rw-r--r-- 1 root root   162 Jan  7 12:17 CellServDB
  -rw--- 1 root root   100 May  6  2009 KeyFile
  -rw-r--r-- 1 root root10 May  2  2009 NetRestrict
  -rw-r--r-- 1 root root11 May  6  2009 ThisCell
  -rw-r--r-- 1 root root39 Nov 15  2008 UserList
 
  /usr/afs/local:
  total 24
  drwx-- 2 root root 4096 Jan  7 13:53 ./
  drwxr-xr-x 7 root root 4096 May  6  2009 ../
  -rw-r--r-- 1 root root  313 Apr 30  2009 BosConfig
  -rw-r--r-- 1 root root   10 May  6  2009 NetRestrict
  -rw-r--r-- 1 root root0 Jan  7 13:53 SALVAGE.fs
  srwxr-xr-x 1 root root0 Jan  7 12:22 fssync.sock=
  -rw-r--r-- 1 root root0 May  2  2009 salvage.lock
  -rw-r--r-- 1 root root   32 Jan  7 11:55 sysid
  -rw-r--r-- 1 root root   32 Jan  7 11:00 sysid.old
 
 
  what's the best way to proceed after I rekey
 
  PS I also have vos dump files but the 2 aforementiined volumes are
 not
  up
  to
  date.
 
  thanks
 
  tedc
 
   I suggest connecting the raid drives to another server, possibly
 one
  of
 
  your R/O servers. Mount the /vicepX partitions, restart the
 fileserver,
  then
  run vos syncserv and vos syncvldb to have the recovered volumes
 be
  remapped to the different server.
 
  ___
  OpenAFS-info mailing list
  OpenAFS-info@openafs.org
  https://lists.openafs.org/mailman/listinfo/openafs-info
 
 
 



 --
 Derrick

[OpenAFS] BosConfig error

[Ted Creedon]

I backed up from 1.6.pre1 to 1.4.14 and the 1.4.14 bosserver carps about the
BosCOnfig that worked under 1.6

Tue Jan 18 12:51:06 2011: Server directory access is okay
Tue Jan 18 12:51:06 2011: bosserver: Something is wrong (-1) with the bos
configuration file /usr/afs/local/BosConfig; aborting

ted

Re: [OpenAFS] Re: resurrecting dead server

[Ted Creedon]

vos syncserv -server $S -partition a -dryrun -cell $C -localauth -verbose
andvos syncvldb -server $S -partition a  -cell $C -localauth -verbose

work without errors.

whats the best way to mount root.afs, root.cell and the 25 volumes ?

thanks

ted


On Tue, Jan 18, 2011 at 12:05 PM, Andrew Deason adea...@sinenomine.netwrote:

 On Tue, 18 Jan 2011 11:56:27 -0800
 Ted Creedon tcree...@easystreet.net wrote:

  Does that mean it works or not?

 You specified '-dryrun' in the syncserv options, so I would guess it
 didn't actually do anything. 'vos listvl root.afs' and root.cell can
 tell you if the vldb entries are pointed at the right place. If they're
 not, you can try syncserv/syncvldb'ing, probably with a 1.4 'vos' if you
 don't want that ugly error to appear.

 --
 Andrew Deason
 adea...@sinenomine.net

 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: resurrecting dead server

[Ted Creedon]

Looks  like all volumes are back up

Some directories have a Permission denied problem is it the permissions  on
user admin or the setacl's for the directory - or both?

Thanks for all your help

ted

[OpenAFS] client crashes

[Ted Creedon]

1.4.14 openafs  on 2.6.34.7-0.7 linux

the following  happens when the client is started

Message from syslogd@geronimo at Jan 18 15:50:59 ...
 kernel:[ 6918.225730] invalid opcode:  [#1] PREEMPT SMP

Message from syslogd@geronimo at Jan 18 15:50:59 ...
 kernel:[ 6918.225737] last sysfs file:
/sys/devices/pci:00/:00:14.1/host1/target1:0:0/1:0:0:0/block/sdb/uevent

Re: [OpenAFS] resurrecting dead server

[Ted Creedon]

How about moving the /usr/afs directories from a known good server to the RW
server and doing the same?

ted

On Sun, Jan 16, 2011 at 7:10 AM, Jason Edgecombe ja...@rampaginggeek.comwrote:

 On 01/15/2011 01:05 PM, Ted Creedon wrote:

 my R/W server died but /vicepa and /vicepb were saved on their raid
 drives.
 this server also ran the krb5kdc...

 there are 2 other RO servers still OK but 2 out of 20 volumes are not up
 to
 date. both were running upclient etc

 the data on the RO servers is:
 /usr/afs/db:
 total 316
 drwx-- 2 root root   4096 May  5  2009 ./
 drwxr-xr-x 7 root root   4096 May  6  2009 ../
 -rw--- 1 root root   1088 May  2  2009 bdb.DB0
 -rw--- 1 root root 64 Jan  7 12:18 bdb.DBSYS1
 -rw--- 1 root root  68672 May  5  2009 prdb.DB0
 -rw--- 1 root root  68672 May  5  2009 prdb.DB0.bak
 -rw--- 1 root root 64 Jan  7 12:18 prdb.DBSYS1
 -rw--- 1 root root 64 May  5  2009 prdb.DBSYS1.bak
 -rw--- 1 root root 18 Jan  7 12:18 vldb.DB0
 -rw--- 1 root root 64 Jan  7 13:50 vldb.DBSYS1

 /usr/afs/etc:
 total 80
 drwxr-xr-x 2 root root  4096 Jun 16  2010 ./
 drwxr-xr-x 7 root root  4096 May  6  2009 ../
 -rw-r--r-- 1 root root   162 Jan  7 12:17 CellServDB
 -rw--- 1 root root   100 May  6  2009 KeyFile
 -rw-r--r-- 1 root root10 May  2  2009 NetRestrict
 -rw-r--r-- 1 root root11 May  6  2009 ThisCell
 -rw-r--r-- 1 root root39 Nov 15  2008 UserList

 /usr/afs/local:
 total 24
 drwx-- 2 root root 4096 Jan  7 13:53 ./
 drwxr-xr-x 7 root root 4096 May  6  2009 ../
 -rw-r--r-- 1 root root  313 Apr 30  2009 BosConfig
 -rw-r--r-- 1 root root   10 May  6  2009 NetRestrict
 -rw-r--r-- 1 root root0 Jan  7 13:53 SALVAGE.fs
 srwxr-xr-x 1 root root0 Jan  7 12:22 fssync.sock=
 -rw-r--r-- 1 root root0 May  2  2009 salvage.lock
 -rw-r--r-- 1 root root   32 Jan  7 11:55 sysid
 -rw-r--r-- 1 root root   32 Jan  7 11:00 sysid.old


 what's the best way to proceed after I rekey

 PS I also have vos dump files but the 2 aforementiined volumes are not up
 to
 date.

 thanks

 tedc

  I suggest connecting the raid drives to another server, possibly one of
 your R/O servers. Mount the /vicepX partitions, restart the fileserver, then
 run vos syncserv and vos syncvldb to have the recovered volumes be
 remapped to the different server.

 Jason
 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] resurrecting dead server

[Ted Creedon]

my R/W server died but /vicepa and /vicepb were saved on their raid drives.
this server also ran the krb5kdc...

there are 2 other RO servers still OK but 2 out of 20 volumes are not up to
date. both were running upclient etc

the data on the RO servers is:
/usr/afs/db:
total 316
drwx-- 2 root root   4096 May  5  2009 ./
drwxr-xr-x 7 root root   4096 May  6  2009 ../
-rw--- 1 root root   1088 May  2  2009 bdb.DB0
-rw--- 1 root root 64 Jan  7 12:18 bdb.DBSYS1
-rw--- 1 root root  68672 May  5  2009 prdb.DB0
-rw--- 1 root root  68672 May  5  2009 prdb.DB0.bak
-rw--- 1 root root 64 Jan  7 12:18 prdb.DBSYS1
-rw--- 1 root root 64 May  5  2009 prdb.DBSYS1.bak
-rw--- 1 root root 18 Jan  7 12:18 vldb.DB0
-rw--- 1 root root 64 Jan  7 13:50 vldb.DBSYS1

/usr/afs/etc:
total 80
drwxr-xr-x 2 root root  4096 Jun 16  2010 ./
drwxr-xr-x 7 root root  4096 May  6  2009 ../
-rw-r--r-- 1 root root   162 Jan  7 12:17 CellServDB
-rw--- 1 root root   100 May  6  2009 KeyFile
-rw-r--r-- 1 root root10 May  2  2009 NetRestrict
-rw-r--r-- 1 root root11 May  6  2009 ThisCell
-rw-r--r-- 1 root root39 Nov 15  2008 UserList

/usr/afs/local:
total 24
drwx-- 2 root root 4096 Jan  7 13:53 ./
drwxr-xr-x 7 root root 4096 May  6  2009 ../
-rw-r--r-- 1 root root  313 Apr 30  2009 BosConfig
-rw-r--r-- 1 root root   10 May  6  2009 NetRestrict
-rw-r--r-- 1 root root0 Jan  7 13:53 SALVAGE.fs
srwxr-xr-x 1 root root0 Jan  7 12:22 fssync.sock=
-rw-r--r-- 1 root root0 May  2  2009 salvage.lock
-rw-r--r-- 1 root root   32 Jan  7 11:55 sysid
-rw-r--r-- 1 root root   32 Jan  7 11:00 sysid.old


what's the best way to proceed after I rekey

PS I also have vos dump files but the 2 aforementiined volumes are not up to
date.

thanks

tedc

Re: [OpenAFS] Re: openafs-stable-1_6_0pre1 installing with various OpenSUSE kernels

[Ted Creedon]

I do an insmod ./libafs-*** from the /usr/vice/etc directory after I verify
its actually reinstalled

I'll keep you posted, right now I'm upgrading my main fileserver

tedc

On Mon, Jan 10, 2011 at 8:07 AM, Andrew Deason adea...@sinenomine.netwrote:

 On Sat, 8 Jan 2011 08:31:21 -0800
 Ted Creedon tcree...@easystreet.net wrote:

  both insmod  modprobe. I check it first before I move it to
  /lib/modules/'uname'/kernel/fs/afs/libafs.ko and depmod -a.
 
  Doesn't depmod haul in all the dependencies?

 Yeah, as Matt said, if you load it with modprobe after depmod, it should
 do the right thing. If you're loading it manually with insmod from some
 random dir, you need exportfs first.

 --
 Andrew Deason
 adea...@sinenomine.net

 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

Re: [OpenAFS] Re: vos unlock vldb errror

[Ted Creedon]

I'm upgrading all my servers - I'll confirm

thanks

ted

On Fri, Jan 7, 2011 at 9:14 PM, Andrew Deason adea...@sinenomine.netwrote:

 On Fri, 7 Jan 2011 12:04:58 -0800
 Ted Creedon tcree...@easystreet.net wrote:

  vos unlockvldb -server ookpik ffails
 
  Unlocked all the VLDB entries for volumes on server ookpik
  *** glibc detected *** vos: free(): invalid pointer: 0x0068e320
 ***

 This patch should fix it:
 
 http://git.openafs.org/?p=openafs.git;a=commitdiff_plain;h=18d99e29056f63276209caec304ac17f4ea3c2f1
 

 Want to confirm?

 --
 Andrew Deason
 adea...@sinenomine.net

 ___
 OpenAFS-info mailing list
 OpenAFS-info@openafs.org
 https://lists.openafs.org/mailman/listinfo/openafs-info

[OpenAFS] openafs-stable-1_6_0pre1 installing with various OpenSUSE kernels

[Ted Creedon]

I'm upgrading all my servers:

So far with /configure --enable-transarc-paths  --enable-namei-fileserver
--with-linux-kernel-headers=/usr/src/linux   --enable-bitmap-later
--enable-supergroups
***

server redcloud
kernel 2.6.27.7-9 compiles and installs but errors out

Starting OpenAFS Server/usr/afs/bin/bosserver: error while loading shared
libraries: librokenafs.so.1: cannot open shared object file: No such file or
directory
startproc:  exit status of parent of /usr/afs/bin/bosserver: 127
**
server geronimo
kernel  2.6.22.5-31
seems to compile and install but git carps
make all
usage: git-diff-index [-m] [--cached] [common diff options] tree-ish
[path...]

and a client error

insmod: error inserting './libafs-2.6.22.5-31-default-ted.mp.ko': -1 Unknown
symbol in module


server ookpik
kernel 2.6.27.7-9

seems to compile * run OK but (geronimo contains the RW volumes)

Help is appreciated

thanks

tedc