Re: [OpenAFS] Non-functional fileserver

operating in single server mode and there should never be an election. Since the vlserver is returning 5376 it indicates there might still be a problem with the contents of the server CellServDB and perhaps the NetInfo/NetRestrict configuration. What errors are logged to the VLLog? What does &#

Re: [OpenAFS] Changing host- and domainname

What files are present in /etc/openafs/server and what are the contents of CellServDB in that directory? > On Jan 20, 2024, at 4:01 PM, Sebix wrote: > > On 1/20/24 21:58, Jeffrey E Altman wrote: >>> On 1/20/2024 3:49 PM, Sebix wrote: >>> Hi, >>> On 1/20/24 21:46, Jeffrey E Altman wrote:

Re: [OpenAFS-devel] Re: [OpenAFS] 2020 AFS Technologies Workshop Cancelled.. kafs update

On 4/6/2020 8:59 AM, David Howells wrote: > Giovanni Bracco wrote: >> My feeling is that to put it really in production the main missing points >> are: >> >> 1) pam module > > Yep. But the systemd folks are doing their best to make this tricky, I > believe... When "systemd --user" services its

Re: [OpenAFS] Borderline offtopic: OpenAFS as ~ for Samba AD?

dd support for entity aliasing to the protection service. The protocol extensions to do so were standardized nine years ago but no implementation was ever developed for OpenAFS. I believe in your scenario, treating both realms as local is sufficient. Jeffrey Altman smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] IP based ACL and User Based ACL

e read https://www.auristor.com/documentation/man/linux/7/auristorfs_acls.html Migration to AuriStorFS from OpenAFS can be performed with zero-flag days with a well tested incremental process. https://www.auristor.com/documentation/man/linux/7/auristor_migration.html Please contact me with any questions you might have. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Red Hat EL Support Customers - Please open a support case for kafs in RHEL8

closed. David Howells and the AuriStor team continue to fill in the gaps. This week a request was filed to add /afs to the File Hierarchy System (FHS). Inclusion in the FHS is required by some Linux Distributions before a new roof directory can be added to the distribution. Jeffrey Altman

Re: [OpenAFS] Limit on number of servers?

mit write transactions to succeed when one of the servers is shutdown or becomes unreachable. For AuriStorFS the maximum UBIK server limit and maximum number of vlservers that can be specified in a cell configuration is 80. There are no performance restrictions that limit their use. Jeffr

[OpenAFS] Re: [OpenAFS-devel] July? Re: Proposal for AFS Conference - June 2019

On 4/1/2019 3:31 PM, Dave Botsch wrote: > Are folk better able to attend a July 10-12 conference? Here is a partial list of 2019 conferences and events that might be important to members of the community. The dates specified are the approximate week of the event. April 29th: Linux Storage, Filesy

Re: [OpenAFS] Re: Starting an server (both DB and FS) without `BOS` (e.g. on Linux with systemd)

. 4. Remote fetching of log files. 5. Remote execution of arbitrary commands. Most but not all of these functions could be performed with other tools. Managing the special inter-dependencies of the "fs" and "dafs" bnode processes and salvaging are the two exceptions. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] new RW root.cell

d then vos release -id root.cell If you are still seeing errors, examine the VolserLog on velma.psc.edu and use vos listvol -server velma.psc.edu -fast | grep 537176385 to see if there are stranded readonly volumes left on somewhere. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] AFS Performance / ZFS

partitions but do so by exporting the ZFS storage via iSCSI to RHEL7 systems connected to the TrueNAS server with dedicated bonded 10-gbit NICs. This combination is reliable and is capable of filling the iSCSI path. Jeffrey Altman AuriStor, Inc. <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] kafs client bugs

On 3/7/2019 6:12 AM, David Howells wrote: > From just the filenames, I don't see what some of the tests are meant to do - > take "discon-create" for example. This seems to be using some feature of Arla > that isn't in OpenAFS. disconnected mode was added to OpenAFS. However, there is no mechanis

Re: [OpenAFS] new RW root.cell

release root.cell -localauth > Failed to clone the volume 537176384 > : Invalid cross-device link > Error in vos release command. > Clone volume is not in the same partition as the read-write volume. Susan, The problem with root.cell is on velma. The RW and RO must be on the same partition. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Offline migration of AFS partition files (i.e. the contents of `/vicepX`)

ered to be private to the fileserver processes. It is not portable and should not be used as a backup or transfer mechanism. > BTW, is there a document that outlines the actual layout of the > `/vicepX` structure? I've searched a bit but found nothing useful. The source code comments provide the best documentation. Jeffrey Altman smime.p7s Description: S/MIME Cryptographic Signature

[OpenAFS] BoF at Vault '19: Justifying the inclusion of Linux kernel AFS in Enterprise Distributions

Boston, MA 02199 USA Pizza and non-alcoholic beverages will be provided. I hope to see you there. https://www.auristor.com/events/kafsvault19 Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Vhosts as AFS servers?

eventually deploying AuriStorFS servers on it, maximize the number of processor threads and use more power efficient processors with lower clock speeds. AuriStorFS servers unlike OpenAFS can make use of as much CPU and I/O bandwidth as is available. Jeffrey Altman On 1/15/2019 1:56 PM, Steve

Re: [OpenAFS] Update time loses 67 seconds on new volume

r and partition. It will match the Creation field. The copy date is not stored in volume dumps and cannot be restored or migrated to another File Server or partition. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Red Hat EL Support Customers - Please open a support case for kafs in RHEL8

d kernels such as RHEL, SuSE, Ubuntu, Oracle, RHEL 8 is in beta. The next opportunity to argue for inclusion of the in-tree AFS client will be RHEL 9. The clock is ticking Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Red Hat EL Support Customers - Please open a support case for kafs in RHEL8

s of this community. In 2001 Red Hat couldn't support AFS because of GPL vs IPL10 conflicts. Now that kafs is available, it becomes possible for Red Hat to do so. Its up to all OpenAFS and AuriStorFS end user organizations to make the case. Good luck to all. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

[OpenAFS] Red Hat EL Support Customers - Please open a support case for kafs in RHEL8

at have special needs and highly managed environments. Thanks for your assistance on behalf of the entire AFS/AuriStorFS community. Jeffrey Altman [1] https://www.infradead.org/~dhowells/kafs/ [2] https://copr.fedorainfracloud.org/coprs/jsbillings/kafs/ [3] https://lists.openafs.org/pipermail/op

Re: [OpenAFS] Tracing VLDB queries

77:8346:dab0:49c0]:7001 STR root.cell Mon Dec 03 06:36:05 2018 [71] EVENT AFS_VL_GetEntByN CODE 0 NAME --UnAuth-- HOST [2604:2000:1741:a019:6d77:8346:dab0:49c0]:7001 STR root.public In OpenAFS the audit infrastructure can be enabled per-service and its output can be set to files, named pipes, sysl

Re: [OpenAFS] Current "balance" practice?

rce a complete release */ #define REL_FULLDUMPS 0x02 /* force full dumps */ #define REL_STAYUP 0x04 /* dump to clones to avoid offline time */ The introduction of enum vol_s2s_crypt came much later. If you would prefer AuriStor can submit a change to restore the prior signature. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] in tree kernel module kafs fedora 29

source code. That is why they can be part of the Linux kernel as in-tree networking stack and file system components. OpenAFS does not work with the kafs kernel module because the kafs file system is an alternative client compatible with IBM AFS 3.6, OpenAFS and AuriStorFS services. Jeffrey Altman &l

Re: [OpenAFS] Unexpected no space left on device error

I'm placing a beer on the directory being full. For extra credit I will guess that the directory is full as a result of abandoned silly rename files. You should try salvaging the volume with the rebuild directories option. Jeffrey Altman > On Nov 14, 2018, at 4:36 AM, Benjamin Kadu

Re: [OpenAFS] automatic replication of ro volumes

ated RW volumes. RW replication is a feature which was never completed for OpenAFS. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

[OpenAFS] accessing /afs processes go into device wait

ss.cs.unc.edu entry to CellServDB. You can add a blacklist for that name. You can stop using -afsdb or you can stop using -dynroot and rely upon a locally managed root.afs volume. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Current "balance" practice?

t; ( https://www.eyrie.org/~eagle/software/afs-balance/ ) Although similarly named Russ Allbery's balance which was developed at Stanford is unrelated to Dan Lovinger's balance. Russ' balance can make decisions based upon volume count and volume size whereas Dan's can

Re: [OpenAFS] rxmaxmtu for volserver

server, volserver and vlserver in 2006. The option is present in all 1.6 releases. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] OpenAFS Security Releases 1.8.2, 1.6.23 available --> butc & backup security update question --> why only root?

To do so butc must have knowledge of the cell-wide key because without knowledge of that key it cannot decrypt the AFS token presented by the RPC issuer. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

[OpenAFS] OpenAFS Security Releases 1.8.2, 1.6.23 available --> butc & backup security update question

orFS security model to backup with the use of AES256-CTS-HMAC-SHA1-96 wire encryption for all volume data communications and the use of volume security policies to ensure that volumes cannot be restored to a fileserver with an incompatible security policy. Jeffrey Altman AuriStor, Inc. On 9/13/2018

Re: [OpenAFS] Obtaining tokens at login on Ubuntu 18.04

identities. Creating separate PAGs for each session by default is incompatible with "systemd --user". PAGs can still be used to transition to a separate AFS identity for administrative operations. Please do not make assumptions that AFS PAGs can somehow protect end users from trusted administrators who choose to violate that trust or whose accounts have been compromised. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Obtaining tokens at login on Ubuntu 18.04

t's not quite perfect yet. Gaja, The "aklog.service" approach introduces a significant amount of complexity with zero security improvement over the pam_afs_session "nopag" configuration. The reason that aklog can be executed by "aklog.service" is because the Kerberos credentials from which the AFS tokens are derived are accessible to any process running as the UID. Sincerely, Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Obtaining tokens at login on Ubuntu 18.04

ss authentication group (PAG) for each user login session. USM relies upon the assumption that all processes running with the same UID share the same security context including network authentication tokens. pam_afs_session "nopag" should be used in conjunction with USM. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Does vos release/volume replication always initiates data transfer from RW site?

does not rank volume sites based upon performance characteristics. How are you ensuring that clients contact the local fileserver? Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Does vos release/volume replication always initiates data transfer from RW site?

o be present and consistent with other sites. Note that the -valid switch will not mark a site as "new" if a "vos release" failed to update one or more sites. Be careful to use publicly visible addresses when executing these commands. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] check in c (linux) whether a directory entry is a mount point for an AFS volume

On 8/4/2018 8:30 PM, Ken Hornstein wrote: >> I'm not sure that the application will have the ability to stat the >> mount point object. The OpenAFS cache manager will always provide the >> details of the target volume root directory unless the target volume >> cannot be located or accessed. > > I

Re: [OpenAFS] check in c (linux) whether a directory entry is a mount point for an AFS volume

ger will always provide the details of the target volume root directory unless the target volume cannot be located or accessed. Jeffrey Altman smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] fs newcell / clients CellServDB / adding new db server

On 6/18/2018 9:07 AM, Andreas Ladanyi wrote: >> >> The ubik clients do not rank servers based upon IP address. What they >> do is: > ok. Then maybe i misunderstood the documentation > (http://docs.openafs.org/QuickStartUnix/HDRWQ114.html) which tells me > the machine with lowest ip is "usually"  e

Re: [OpenAFS] fs newcell / clients CellServDB / adding new db server

k client will attempt to contact every ubik server in order until the coordinator is determined. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] fs newcell / clients CellServDB / adding new db server

alidity period for the server list by the cache manager. In this way, clients automatically update their server list information and administrators can control how frequently the server lists are updated. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Add new database server with lowest IP

ers notice this server shutdown which is necessary to avoid bugs in most OpenAFS versions that can lead to database corruption.) c. Start server (bos start -all) d. Repeat for the next lower ranked server. 5. Start the new server This order will ensure that there is never any confusion for clients or ubik servers. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Trouble deleting server (vos changeaddr -remove)

vos eachvol vos listfs I can confirm that both fileservers have now been removed from the location database (VLDB). Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Trouble deleting server (vos changeaddr -remove)

VLDB > VLDB: volume Id exists in the vldb The volumes in question is csail-debian vos remsite kursk.csail.mit.edu a csail-debian Then you will be able to remove the fileserver. BTW, the csail.mit.edu VLDB contains an entry for: UUID: None 127.0.1.1 You should remove that one as wel

Re: [OpenAFS] About the upgrading from kaserver toKerberos 5

or authentication. See the OpenAFS krb.conf man page. Again, good luck. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] About the upgrading from kaserver to Kerberos 5

32-bit version of Linux and the gcc toolchain. Current versions of gcc and clang are unlikely to compile old source code trees and there is the possibility that there are 64-bit compatibility issues with those old releases as well. Good luck. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] mass moving volumes from server to server ?

On 5/1/2018 4:36 PM, Jeffrey Altman wrote: > Hi Gary, > > On 5/1/2018 3:23 PM, Gary Gatling wrote: >> Hello, >> >> I was wondering if any users or developers have a solution for moving >> all the volumes from one server to another? > > As an AuriStorFS lic

Re: [OpenAFS] mass moving volumes from server to server ?

el upgrades is problematic for us > since so much other technology depends on having afs working at all > times. The kernel updates seem to happen about every 2 weeks or so. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] aklog: unknown RPC error (-1765328377) while getting AFS tickets

On 4/25/2018 2:34 PM, Steven Schoch wrote: > > Kerberos error code returned by get_cred : -1765328352 > aklog: Couldn't get example.com AFS tickets: > aklog: unknown RPC error (-1765328352) while getting AFS tickets > > Did I mess up file permissions somewhere? Running klist a

Re: [OpenAFS] Linux: systemctl --user vs. AFS

On 3/9/2018 11:06 AM, Dirk Heinrichs wrote: > Am 08.03.2018 um 18:54 schrieb Jeffrey Altman: >>> 2. let AFS use the per-user keyring instead of the per-session one >>> (suggested in the systemd bug discussion) >>> >>> Does the second one sound reasonab

Re: [OpenAFS] Linux: systemctl --user vs. AFS

same tokens and an effective uid change permits access to those same tokens. Process Authentication Groups (PAGs) exist explicitly to establish a security barrier to prevent such credential leakage. Just my two cents ... Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Invalid AFSFetchStatus - inaccesible data

from backup or other sources 4. delete the vnode in the vice partition and salvage to cleanup the directory The warning message from the client is misleading in that the fileserver is not generating bogus information but the data on-disk is already bogus. Jeffrey Altman AuriStor, Inc. <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] RHEL 7.5 beta / 3.10.0-830.el7.x86_66 kernel lock up

eleases) were both due to back porting functionality in this manner. Such incompatibilities can result in system panics or silent data corruption depending upon the change. Jeffrey Altman AuriStor, Inc. <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] connection timed out, how long is the timeout?

27;s UBIK has been successfully tested with 80 ubik servers in a cell. This is possible because of a more efficient protocol that is incompatible with AFS3 UBIK and the efficiencies in AuriStor's Rx implementation. Jeffrey Altman AuriStor, Inc. <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] connection timed out, how long is the timeout?

oo small. 4. Network connectivity between the FS and both PT servers and CMs. Its time for the Super Bowl so I will send off this message as is. Perhaps it will be useful. Jeffrey Altman AuriStor, Inc. <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Re: RHEL 7.5 beta / 3.10.0-830.el7.x86_66 kernel lock up

do not adhere to the KABI functionality might have compatibility issues. There was a compatibility issue with RHEL 7.4 kernel (3.10.0_693.1.1.el7) as well that was only fixed in the OpenAFS 1.6 release series this past week as part of 1.6.22.2: http://www.openafs.org/dl/openafs/1.6.22.2/RE

Re: [OpenAFS] convert 'vos dump' output to tar or zip?

ckups. We would like to be able to access the contents of these backups without deploying a new cell. Sincerely, Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Is member of a machine group honored as system:authuser?

language permits different access permissions to be granted to each of the following combinations: authenticated user on unauthenticated host authenticated user on authenticated host anonymous user on authenticated host anonymous user on anonymous host The anonymous user on authenticated host communications with the file server are authenticated using the host principal and all data is both integrity protected and encrypted for wire privacy. Jeffrey Altman AuriStor, Inc. <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] KeyFile issues upgrading servers from 1.4 to 1.6

ed to at least 1.6.22 it is critical that the DES cell key be replaced with an AES256-CTS-HMAC-SHA1-96 Kerberos service key. Failure to do so leaves the cell vulnerable to brute force attacks. AuriStor provides professional OpenAFS support services to assist organizations such as PSC when upgrading cells. https://www.auristor.com/openafs/ Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] changing just the name of a database server?

E. It's possible that the > Auristor client has implemented that TODO item, but I have no way to > check. > > -Ben When building a DNS SRV or DNS AFSDB record you MUST use names that can be resolved by A and records. However, you can use CNAME records for the name listed in the CellServDB file. This is true not only for OpenAFS but for AuriStorFS as well. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

[OpenAFS] Registration Discount for LISA17 – Taking place 10/29-11/3 in San Francisco

ll be at booth #400. We hope you will join us in San Francisco and say hello! Jeffrey Altman AuriStor, Inc. smime.p7s Description: S/MIME Cryptographic Signature

[OpenAFS] URGENT: macOS High Sierra to be released next week - must upgrade to AuriStorFS v0.160 first

panic after upgrade issue a couple of days ago. Jeffrey Altman AuriStor, Inc. smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Strange problem in 2 volumes that do not "vos move" or "vos restore"

many cases, the affected volumes had not been modified by end users for many years. If your organization wishes professional assistance, feel free to contact me off list. Good luck. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] k5start functionality on windows

had the time to implement the kernel based version of the CCAPIv3 which I've wanted for almost two decades. > Anyone have another solution? 1. Porting k5start to Windows. 2. Writing an auto-run notification process (although that is what NIM is.) Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] OpenAFS on OpenBSD

ed for token management or otherwise manage the cache manager. Therefore, the existing FUSE implementation only supports anonymous operations. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Problem deleting volumes

.32.5.186] has 4131 volume entries in the VLDB. velma.psc.edu [128.182.66.184] has 22947 volume entries in the VLDB. If these are intended to be the same server, you might want to consider rebuilding your VLDB from scratch. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] OpenAFS windows clients (Orpheus' Lyre)

ws, I think we used MIT Kerberos. > > Which I suppose brings me to my wider question: what AFS clients are > others using on Windows? I am unaware of any AFS client for Microsoft Windows 10 that is available from anywhere other than AuriStor, Inc. Jeffrey Altman AuriStor, Inc. <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] New installation, linux server, AD kerberos

by AuriStor, Inc. will work with IBM AFS 3.6, OpenAFS and AuriStorFS servers. https://www.auristor.com/openafs/client-installer/ Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] New installation, linux server, AD kerberos

s '.' as the component separator, a Kerberos v5 principal name with a '.' in the first component cannot be safely converted to Kerberos v4. To override that restriction you must add -allow-dotted-principals to all server command lines. Jeffrey Altman <> smime.p7s

Re: [OpenAFS] New installation, linux server, AD kerberos

h > bos: could not find entry (configuring connection security) My guess is that you need to add the cell wide key via asetkey before you can start the service. Key management is an area that has changed from OpenAFS 1.6 and OpenAFS 1.8 went in a different direction than AuriStorFS so I'm n

Re: [OpenAFS] vos move: Error reading dump file

can overflow. While the volume remains in place OpenAFS servers will happily serve the data but it is possible that the volume can no longer be represented by the dump format and that the salvager can no longer reference all of the vnodes that are present in the volume. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] ls: : Operation timed out

thin the network. If the packets do arrive, its a problem with the fileserver. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] volume throughput

ta transferred can be computed from fileserver audit logs. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Re: build error when linking with heimdal-dev (Re: [OpenAFS] bosserver -noauth& changes cell to localcell)

an incorrect fix. -lasn1 should neither be added for aklog nor libauth. akimpersonate_v5gen.c is wrong in the Heimdal case. It is making direct usage of Heimdal ASN1 macros when it should be following the model used for rxkad. I'm not entirely sure why akimpersonate has its own v5gen source files. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] bosserver -noauth& changes cell to localcell

cuted and its attempt to load a valid configuration fails, it then attempts to create a valid configuration. src/bozo/bosserver.c line 1032 of openafs-stable-1_6_x Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] vos dumps to S3 via S3 Storage Gateway?

IBM Spectrum Protect and the older Tivoli Storage Manager releases. This is in addition to our support of Teradactyl's True Incremental Backup System and BackupAFS. The XBSA implementation is modular so we can add support for Veritas NetBackup and object stores in the near future. Jeffrey Altman AuriStor, Inc. <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] vos dumps to S3 via S3 Storage Gateway?

dump stream through a block cipher before passing it into the AWS CLI. Jeffrey Altman On 2/27/2017 2:42 PM, Shane wrote: > We have a legacy EC2 environment setup in which vos dumps are pulled in > by Zmanda backup, using a custom tar wrapper. These are stored on s3 via > Zmanda'

Re: [OpenAFS] Is the OpenAFS-info mailing list still working?

il servers it is blocked. The mailing list is not broken. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] OpenAFS Windows build environment

there was benefit in maintaining an out of date tool chain I would not have shutdown the prior builders. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] OpenAFS Windows build environment

On 2/14/2017 7:37 AM, Kostas Liakakis wrote: > > Hi Jeffrey, > > Thanks for taking the time to answer. Please read below inline. > > > On 2017-02-14 03:53, Jeffrey Altman wrote: >> They are built with WiX 3.9 scripts. The >> installation packaging in the O

Re: [OpenAFS] OpenAFS Windows build environment

unctions. The IDN is required when building for pre-Vista because you have to install the normaliz.dll library as part of the installer. > Well, at least my openafs/dest directory is now populated and I > could at least run "pts help" and "fs help". Neither pts nor fs us

Re: [OpenAFS] OpenAFS Windows build environment

https://www.auristor.com/openafs/client-installer/ can be installed on Windows 10 and Windows Server 2016 because they are grand-fathered. If the same sources were built today they would not produce a working file system. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] OpenAFS 1.6.20.1 on AIX 7.1

your question, I am unaware of anyone that has installed OpenAFS on AIX 7.1. If you can provide more details on the failure, perhaps the community can assist? If the ability to use OpenAFS on AIX 7.1 is important to your institution, perhaps it would be willing to provide a build host fo

Re: [OpenAFS] Check free space on AFS share before login

is important. AuriStor, Inc. supports David Howells' development of kafs. Others should as well. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Procedure for changing database server IP addresses

of time (week+) before doing the last removal. > > I'm assuming that I can use -auditlog (or even a packet sniffer) to see > what clients might still be using the OLD dbservers prior to the final > decommissioning. rxdebug -peer > Seems a bit too simple. What am I missing? Good luck. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] OpenAFS 1.8.0 alpha 1 available

s" is being passed to Matlab? /afs/cell-name/appl/@sys/bin/prog 2. a path component that is a symlink whose target path contains @sys? /afs/cell-name/appl/bin/prog where "bin" is a symlink to "@sys" or to ".bin/@sys" where ".bin" is a directory containing sub-directories "amd64_linux26". Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Fw: it would be nice to have an administrators guide

realms] [ { afslog = } [libdefaults] afslog = The option doesn't have any impact on OpenAFS aklog. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] OpenAFS 1.8.0 alpha 1 available

4953 commits authored by the following individuals: 1334 Jeffrey Altman 913 Simon Wilkinson 715 Andrew Deason 320 Michael Meffie 292 Daria Phoebe Brashear 289 Benjamin Kaduk 233 Marc Dionne 88 Chas Williams 83 Garrett Wollman 53 Mark Vitale

Re: [OpenAFS] dbservers version

l critical bugs in the ubik protocol implementation have been fixed which can result in corrupted databases. Some of the scenarios result in empty databases being replicated to all servers. The safest path is to upgrade the existing database server to OpenAFS 1.6.20 before increasing the size of

Re: [OpenAFS] Additonal question about the OpenAFS Security Advisory 2016-003

ach directory it rewrites it risks data corruption. The next incremental dump would include all of the directories (which it does in general anyway) but it wouldn't included normal files or symlinks that have not changed. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Additonal question about the OpenAFS Security Advisory 2016-003

nformation stored in the original directory file. 2. It will compact the directory to reduce fragmentation that could have resulted in directory full errors when attempting to store a filename that required more directory blocks than are available contiguously. I hope this information is

[OpenAFS] AuriStor, Inc at LISA 2016

forward to seeing old friends and discussing the accomplishments of the AuriStor team. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Connection timed out on new mount point

the problem? > > Thanks... > > Dirk The client has cached information for the volume group that indicates that no backup volume exists. fs checkvolumes Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] space and vos zap problem

7;s certainly something to be aware of. I only suggested > that because Gary said he had moved all of the volumes off of that > partition. > > --Ken In that case, wipe the partition and restart the fileserver. The bosserver must stop the fileserver anyway to perform a full partitio

Re: [OpenAFS] space and vos zap problem

t of total 488735480 The one concern with -orphans remove when salvaging the entire partition is if there were orphans that belonged volumes other than the one that was deleted. If such files existed they are now lost. Jeffrey Altman smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] best practice for a service to access a user AFS token? and why ruid instead of euid?

ord. Therefore, Samba had to obtain a Kerberos v5 ticket granting ticket or an AFS token some other way. This typically made use of an impersonation service to acquire a TGT or Token after asserting it had authenticated the user identity. Many single sign-on web authentication services utilize a similar model. > Your suggestions greatly appreciated. The best approach in my opinion is to follow the LSF model. Jeffrey Altman AuriStor Inc. <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Mac OS sierra support - any news?

SX Sierra client compatible with IBM AFS and OpenAFS since OSX Sierra was publicly released. https://www.auristor.com/filesystem/client-installer/ Sincerely, Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] Moving volumes between different cell and different realm names

On 10/10/2016 4:51 AM, Andreas Ladanyi wrote: > Am 07.10.2016 um 22:58 schrieb Jeffrey Altman: >> >>> >>> I read the thread: >>> https://lists.openafs.org/pipermail/openafs-info/2009-March/031004.html >>> >>> So if i understand the thread and

Re: [OpenAFS] Moving volumes between different cell and different realm names

lm A to new server system cell B / realm B ? AFS servers do not know or care about the realms. The servers within a cell all must share the same server configuration (ThisCell, CellServDB, and keys). You cannot move a volume between cells with the OpenAFS vos command. With AuriStorFS it is possible to copy volumes between cells. A volume once copied can be removed from the source if that is desired. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] OpenAFS Installation on Windows

uded in this installer are accepted under the grandfather exception for cross-signing certificates issued before 29 June 2015. Jeffrey Altman <> smime.p7s Description: S/MIME Cryptographic Signature

Re: [OpenAFS] VerboseLogging registry values?

On 9/1/2016 11:43 AM, Caldwell, Hugh wrote: > Could someone tell me what the appropriate values are for > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TransarcAFSDaemon\NetworkProvider\VerboseLogging > ? > > This page is the only reference I can find to it and the values aren't > defined

  1   2   3   4   5   6   7   8   9   10   >