Nancy:
Both the MSI and EXE installers distributed from openafs.org are
designed to upgrade previous IBM AFS clients. Of course, it is
preferable to perform a clean uninstall of IBM AFS first. Performing
an uninstall via Add/Remove Programs of the IBM AFS client should
be successful unless it
Hello,
We have a large user base for AFS, some of whom are using the last version of
the Transarc client. We'd like to migrate all of them to OpenAFS if possible. My
two main questions at this point are:
* Is it possible to do a clean uninstall of the Transarc client without having
to comple
AFS administrators attending the LISA 2005 conference in San Diego are
invited to participate in a one-day AFS workshop. The workshop will
be held on Tuesday, December 6; the LISA conference is December 7-9.
The AFS workshop at LISA is designed for experienced AFS
administrators to share informat
On 10/27/05, aK <[EMAIL PROTECTED]> wrote:
> any links do you know where I can get a doc on how to setup a afs server on
> Panther?
>
To my knowledge there is no Panther specific AFS documentation at this time.
___
OpenAFS-info mailing list
OpenAFS-info
Todd M. Lewis wrote:
> Unfortunately, the only available "someplace" to turn on encryption is
> on the client. Turning on encryption on a client encrypts all traffic
> bound to that client (most of it unnecessarily). Yet the same data
> passes in the clear if another client accesses it.
>
> It wo
>It would be a Good Thing if encryption were a per directory thing like
>an ACL, enforced by the server, so you could make sure your sensitive
>information was never passed in the clear. I have no idea how hard it
>would be to implement an "encrypted directory" flag, but I suspect it
>would me
[EMAIL PROTECTED] wrote:
On 10/28/05, Joe Buehler <[EMAIL PROTECTED]> wrote:
Something of importance, is putting sensitive information like ssh
private keys and PGP keys, etc in AFS is a bad idea unless you have
encryption in there someplace. Same is true for any network based
filesystem.
Jim Rees wrote:
> > You need "StrictModes no" in sshd_config.
> This seems like a bad idea for security reasons...
>
> Why?
Not everyone on the machine has his .ssh under /afs.
--
Joe Buehler
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
I'd like to announce the first release of an AFS ACL extension for
Gnome's file manager Nautilus. The ACL editor will turn up as a tab in
the properties dialog of a directory in AFS.
Kvibille 0.1 can be found through various means:
/afs/nada.kth.se/misc/hacks/ftp/kvibille/kvibille-0.1.tar.bz2
ftp
[EMAIL PROTECTED] wrote:
> Something of importance, is putting sensitive information like ssh
> private keys and PGP keys, etc in AFS is a bad idea unless you have
> encryption in there someplace. Same is true for any network based
> filesystem.
Yes -- the private keys are encrypted and the dire
Hendrik Hoeth wrote:
> [10:38] [EMAIL PROTECTED]:~ $ ls -dl /afs
> drwxr-xr-x 2 root root 4096 Nov 9 2004 /afs
> [10:38] [EMAIL PROTECTED]:~ $
>
> Works for me ... ;-)
What are your afsd options and what OS is this? Some
OS's are fine -- AIX 5.2 isn't, in our case.
--
Joe Buehler
__
Thus spake Joe Buehler ([EMAIL PROTECTED]):
> Jim Rees wrote:
> > You need "StrictModes no" in sshd_config.
>
> This seems like a bad idea for security reasons...
Well ... erm ... since afs doesn't care about these permissions anyhow
you're talking about the security-by-obscurity concept, without
> You need "StrictModes no" in sshd_config.
This seems like a bad idea for security reasons...
Why?
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
Jim Rees wrote:
> You need "StrictModes no" in sshd_config.
This seems like a bad idea for security reasons...
> As far as I know, there is nothing special about the mode on /afs. You
> could probably have your admin chmod it.
Can't do that -- EROFS
--
Joe Buehler
___
On 10/28/05, Joe Buehler <[EMAIL PROTECTED]> wrote:
> The default afsd options (for AIX machines at least) end up
> producing a /afs directory that is mode 777. This causes
> sshd to refuse to use public key files stored in .ssh
> directories somewhere under /afs.
Something of importance, is put
Thus spake Joe Buehler ([EMAIL PROTECTED]):
> My question is, where does the mode 777 come from?
Well, who created the directory?
> Is there any real reason for it to be 777 given that it's the AFS
> mount point? Wouldn't 755 be a better mode?
[10:38] [EMAIL PROTECTED]:~ $ ls -dl /afs
drwxr-xr-
The default afsd options (for AIX machines at least) end up
producing a /afs directory that is mode 777. This causes
sshd to refuse to use public key files stored in .ssh
directories somewhere under /afs.
You need "StrictModes no" in sshd_config.
My question is, where does the mode 777
The default afsd options (for AIX machines at least) end up
producing a /afs directory that is mode 777. This causes
sshd to refuse to use public key files stored in .ssh
directories somewhere under /afs.
Adding -afsdb -dynroot -fakestat causes the mode to change
to 755, which works properly. I
* Derrick J Brashear [2005-10-28 08:51:46 -0400]:
> On Fri, 28 Oct 2005, Sergio Gelato wrote:
> >Precisely. Having recently tried to upgrade OpenAFS on a Solaris 8
> >test system via the modunload route, I can say that if AFS is in active
> >use there is a good chance of the modunload approach trig
In message <[EMAIL PROTECTED]>,Joe Buehler writes:
>In that case, is there any documentation regarding how big a
>cache is supported and what to set the various afsd parameters
>to? I lack understanding of the cache data structures and
>what chunksize is etc.
i believe everything is counted in bl
On Fri, 28 Oct 2005, Sergio Gelato wrote:
One caveat though is that if things are trying to access files in AFS on
the client while you shutdown the client, the afsd processes won't die.
Precisely. Having recently tried to upgrade OpenAFS on a Solaris 8
test system via the modunload route, I c
W. Aufsattler wrote:
> we have a strange problem with afsd on our Windows 2003-Terminalservers.
> I guess it isn't a bug but maybe we have overseen something.
>
> We run several Windows 2003-Terminalservers with Citrix for a pool with
> 120 Thin-Clients.
> Home-directories (and profiles) are in A
chas williams - CONTRACTOR wrote:
> its in the head and the openafs-stable-1_4_x branch.
Great! I'm using 1.4.x.
In that case, is there any documentation regarding how big a
cache is supported and what to set the various afsd parameters
to? I lack understanding of the cache data structures and
we have a strange problem with afsd on our Windows 2003-Terminalservers.
I guess it isn't a bug but maybe we have overseen something.
We run several Windows 2003-Terminalservers with Citrix for a pool with 120
Thin-Clients.
Home-directories (and profiles) are in AFS-Land and are accessed via the
* Coy Hile [2005-10-27 12:19:30 -0700]:
> On Thu, 27 Oct 2005, E. Chris Garrison wrote:
> >
> > Thanks for the suggestions, Coy.
> >
> > It doesn't complain about any of those, but the afsd processes are
> > still running and 'modinfo' still shows the module.
> >
>
> I've seen the same thing here
25 matches
Mail list logo