On Thursday, January 05, 2006 04:21:52 PM -0500 Rodney M Dyer
<[EMAIL PROTECTED]> wrote:
Wasn't there some talk about the DFS code being opened? And didn't DFS
have file level ACLs? Could any of that code be ported to AFS, or is
there already a project underway for file level ACLs in AFS?
On Thu, 5 Jan 2006, Adam Megacz wrote:
By the way, it looks like there's a moderately-easy way to achieve
network interface isolation (on Linux at least); it looks like you can
use the "chbind" command from the VServer project without going to the
trouble of setting up a whole virtual machine
Derrick J Brashear <[EMAIL PROTECTED]> writes:
> On Thu, 5 Jan 2006, Adam Megacz wrote:
>> What are the problems with running multiple servers, assuming I
>> compiled multiple copies of OpenAFS (with different --prefix=
>> configure arguments) and somehow managed to get each one to think that
>> t
On Thu, 5 Jan 2006, Adam Megacz wrote:
What are the problems with running multiple servers, assuming I
compiled multiple copies of OpenAFS (with different --prefix=
configure arguments) and somehow managed to get each one to think that
the machine only had one network interface (and each copy sa
> Derrick J Brashear <[EMAIL PROTECTED]> writes:
>> You could modify the code for the server processes to support -rxbind.
>> Other people have covered why it's not necessarily what you want, and
>> you aren't likely to find a "cheap" way to serve multiple cells from a
>> single machine.
Actually
At 03:30 PM 1/5/2006, Lester Barrows wrote:
On Thursday 05 January 2006 7:32 am, Ken Hornstein wrote:
This appears to be a security decision based primarily on a technical
limitation in AFS. The per-directory ACL limitation itself was more or less
what I was discussing, as it has caused me more t
Adam Megacz wrote:
> Any off-the-top-of-the-head reasons why an OpenAFS **server** would
> get upset running in user mode linux [1] with its own IP all to
> itself?
>
I can't offhand, but I *would* advise looking into Xen instead -- it has
a much, much smaller performance footprint.
I have found this discussion very interesting, and it appears many sites
are living with the "l" symlinks for .k5login to a directory with "rl".
mostly because that is the simplest thing to do.
But after reading Jeff Hutzelman's note from earlier today, maybe the
problem is not with AFS but with K
On Thu, 5 Jan 2006, Adam Megacz wrote:
Derrick J Brashear <[EMAIL PROTECTED]> writes:
You could modify the code for the server processes to support -rxbind.
Other people have covered why it's not necessarily what you want, and
you aren't likely to find a "cheap" way to serve multiple cells fro
Derrick J Brashear <[EMAIL PROTECTED]> writes:
> You could modify the code for the server processes to support -rxbind.
> Other people have covered why it's not necessarily what you want, and
> you aren't likely to find a "cheap" way to serve multiple cells from a
> single machine.
Yeah, that's a
On Thursday 05 January 2006 7:32 am, Ken Hornstein wrote:
> Given the choice between files possibly being world-readable and users
> having to expose their password for every login (even if you're
> encrypting the session, we've learned the hard way that isn't enough
> anymore), we decided to go wi
Sean Kelly <[EMAIL PROTECTED]> writes:
> This may have been covered in list archives somewhere, but I failed to
> locate it.
> I'm having an issue where dead/broken mountpoints in AFS cause ls to
> output error messages. For example, I just did a `vos remove `
> of a mounted volume and now when I
On Thursday, January 05, 2006 11:58:11 AM -0600 Sean Kelly
<[EMAIL PROTECTED]> wrote:
Greetings.
This may have been covered in list archives somewhere, but I failed to
locate it.
I'm having an issue where dead/broken mountpoints in AFS cause ls to
output error messages. For example, I just
Jeffrey Hutzelman <[EMAIL PROTECTED]> writes:
> Russ Allbery <[EMAIL PROTECTED]> wrote:
>> Isn't he just trying to bind each process to specific addresses and
>> port 7000? That's a pretty standard thing to want to do and has a
>> standard Unix API.
> Yes, but I think he's looking for some sort
Greetings.
This may have been covered in list archives somewhere, but I failed to
locate it.
I'm having an issue where dead/broken mountpoints in AFS cause ls to output
error messages. For example, I just did a `vos remove ` of a
mounted volume and now when I try to remove the mountpoint:
[EMAIL
On Thu, 5 Jan 2006, Jeffrey Hutzelman wrote:
You mean like maybe
rx.c:rx_InitHost(u_int host, u_int port)
Ugh. Your CVS comment for that change says it all:
i should be dragged away and beaten for this
It's ugly. But we need an API which takes an array of host/port, and is
IPV6 friendly
On Thursday, January 05, 2006 12:15:59 PM -0500 Derrick J Brashear
<[EMAIL PROTECTED]> wrote:
On Thu, 5 Jan 2006, Jeffrey Hutzelman wrote:
On Thursday, January 05, 2006 10:53:17 AM -0500 Derrick J Brashear
<[EMAIL PROTECTED]> wrote:
You could modify the code for the server processes to
Jeffrey Hutzelman wrote:
> Yes, but I think he's looking for some sort of magic that will let him
> do it without modifying code. I know of no such thing.
I've seen it done through LD_PRELOAD. Google finds an implementation or
two pretty quickly.
___
Ope
On Thursday, January 05, 2006 09:27:35 AM -0500 Andrew Bacchi
<[EMAIL PROTECTED]> wrote:
While trying to solve my problem for the 'package' program, I tried
logging into CVS as anonymous. This failed with the password
'anonymous'. Has the password changed, or is access now restricted?
Wo
On Thu, 5 Jan 2006, Jeffrey Hutzelman wrote:
On Thursday, January 05, 2006 10:53:17 AM -0500 Derrick J Brashear
<[EMAIL PROTECTED]> wrote:
You could modify the code for the server processes to support -rxbind.
You could, but it would require an interface not currently provided by rx, in
On Thursday, January 05, 2006 10:53:17 AM -0500 Derrick J Brashear
<[EMAIL PROTECTED]> wrote:
You could modify the code for the server processes to support -rxbind.
You could, but it would require an interface not currently provided by rx,
in place of the current rx_Init() and rx_NewServi
On Wednesday, January 04, 2006 07:44:26 PM -0800 Russ Allbery
<[EMAIL PROTECTED]> wrote:
Jeffrey Hutzelman <[EMAIL PROTECTED]> writes:
I can think of ways to redirect traffic coming in on a designated port
to different ports depending on the incoming interface. But what you're
trying to d
You could modify the code for the server processes to support -rxbind.
Other people have covered why it's not necessarily what you want, and you
aren't likely to find a "cheap" way to serve multiple cells from a single
machine.
Derrick
Is there an equivalent to afsd's "-rxbind" for the serve
Use ifconfig to bind the interface (eth0) & ipaddress (a.b.c.d) to the
MAC address( e:f:f:h:i:j:k) on the network interface card.
Eg. bind eth0 specifically to:
HWaddr 00:12:2F:46:5F:CG inet addr:10.1.1.193 Bcast:10.1.1.255
Mask:255.255.255.0
tedc
Jeffrey Hutzelman wrote:
On Wednesd
>Most of our users will place files in their home directory, even in the top
>level, expecting them to be secure. Additionally, I fully expect that most
>users will leave permissions with the default settings. In this case, when a
>user creates a directory it inherits the ACL privileges of its p
I mentioned in a recent post that one of our network gurus was checking
network traffic. He noticed that a number of AFS clients were
attempting to contact an AFS server which is no longer part of our cell
(rl.ac.uk). As this server was removed from the CellServDB file more
than 2 years ago, I su
While trying to solve my problem for the 'package' program, I tried
logging into CVS as anonymous. This failed with the password
'anonymous'. Has the password changed, or is access now restricted?
Thanks.
--
veritatis simplex oratio est
- Seneca
Andrew Bacchi
Staff Systems
I failed to send this reply to the list, sorry.
Thank you Jeffery, for pointing me it the right direction. I'll
certainly look into it, and try to come up with a reasonable patch. I
am using RH AS 4 for this platform with a 2.6 kernel.
It does appear to me that there have been changes to 'src/p
Hi,
On Mon, Dec 26, 2005 at 06:05:10PM +0100, Frank Burkhardt wrote:
> Hi,
>
> are there any known limits to OpenAFS' backup database? I'm most interested
> in:
>
> * max number of volume sets
> * max number of tapes
> * max number of dumps
Thank you for sharing your experience on that.
Good morning,
I have tried to "rpmbuild" the SRPMS and get the argument that
"Architecture is not included" ppc.
It looks like it is going and then fails out to above.
Tried by using "spec" file that was on the site after and got the same result.
Anything?
Pete
___
Wheeler, JF (Jonathan) wrote:
> Further to the above query and the reply from Hartmut, I did as he
> suggested and issued the command "vos listaddr -cell XXX" for all cells
> in the CellServDB file on the system in question. This generated a
> large file (as expected) which included quote a lot i
> -Original Message-
> From: Hartmut Reuter
> Sent: 04 January 2006 11:13
>
> Wheeler, JF (Jonathan) wrote:
> > Whilst investigating a network problem, one of our network gurus
noticed
> > that our AFS client systems are sending packets to IP address
> > 192.168.67.1 (I confirmed this by u
Hi,
On Wed, Jan 04, 2006 at 01:30:02PM -0500, Derrick J Brashear wrote:
[snip]
> And MacOS supports them but because of how the login window stuff works
> they aren't used.
Thank you - MacOSX is the OS, I was most interested in.
Regards,
Frank
___
O
33 matches
Mail list logo