[info-afs] Can anybody explain this error

Michael Kazar Michael.Kazar@verizon.net
Sat, 27 Jan 2007 06:41:53 -0500


--Boundary_(ID_auwneAeq0giPVHIrZdjHwA)
Content-type: text/plain; charset=us-ascii; format=flowed
Content-transfer-encoding: QUOTED-PRINTABLE

Your problem is probably that /afs is typically a read-only volume.  =
This=20
allows you to replicate it, but it means you have to create a mount p=
oint=20
to its writeable version to modify it.  You can create a temporary mo=
unt=20
point to the writeable volume root.afs by using the fs mkmount comman=
d,=20
change the acl of root.afs through the mount point, and then remove t=
he=20
mount point, from any writable place in the system.  It's been quite =
a=20
while since I administered an AFS system, but I think you do:

fs mkm temp-name root.afs -rw           ; the -rw comes from memory, =
you=20
should double check
fs sa temp-name/. system:anyuser rl     ; set acl through the tempora=
ry=20
mount point
fs rmm temp-name                                        ; remove the =
mount=20
point

and then use vol release to release a new version of root.afs.  Once =
your=20
cache manager has noticed the new version of the read-only volume ( "=
fs=20
checkb" might force this, but it happens periodically or on reboot), =
you're=20
in business.

I'm sure a more current reader of info-afs can correct any errors in =
the=20
above, but I figured I'd send this, since I haven't seen a reply yet.

         Mike


At 03:13 AM 1/27/2007, ranjith silva wrote:
>I had try to install OpenAFS on serveral times , i tried on ubuntu 6=
.06,=20
>debian 2.6.8-2-326 kernel but it propmpt same error message when i'm=
 going=20
>to execute
>
>  fs setacl /afs system:anyuser rl.
>
>It says
>  fs: You don't have the required access rights on '/afs/'
>
>Can you explain on this error . I followed many different guids but =
same=20
>error again and again.
>
>kiinit and aklog is issuing tickets and tokens properly. And admin u=
ser is=20
>in administrators group.
>
>I saw in maling list "if kinit admin/admin then aklog to admin.admin=
"
>i tried it by adding admin/admin principal and creating a user admin=
.admin=20
>with administrative privileges it also doesn't work.
>
>What is this error.......Is any body got a error message like this a=
nd=20
>able to figure this out.
>
>Thank you.............
>
>
>
><http://us.rd.yahoo.com/evt=3D49938/*http://tools.search.yahoo.com/t=
oolbar/features/mail/>Never=20
>miss an email again!
>Yahoo! Toolbar alerts you the instant new Mail arrives. Check it out=
.


--Boundary_(ID_auwneAeq0giPVHIrZdjHwA)
Content-type: text/html; charset=us-ascii
Content-transfer-encoding: QUOTED-PRINTABLE

<html>
<body>
Your problem is probably that /afs is typically a read-only volume.&n=
bsp;
This allows you to replicate it, but it means you have to create a mo=
unt
point to its writeable version to modify it.&nbsp; You can create a
temporary mount point to the writeable volume root.afs by using the f=
s
mkmount command, change the acl of root.afs through the mount point, =
and
then remove the mount point, from any writable place in the system.&n=
bsp;
It's been quite a while since I administered an AFS system, but I thi=
nk
you do:<br><br>
<tt>fs mkm temp-name root.afs
-rw<x-tab>&nbsp;&nbsp;&nbsp;</x-tab><x-tab>&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;</x-tab>;
the -rw comes from memory, you should double check<br>
fs sa temp-name/. system:anyuser
rl<x-tab>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</x-tab>; set acl through the
temporary mount point<br>
fs rmm
temp-name<x-tab>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</x-t=
ab><x-tab>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</x-tab><x-=
tab>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</x-tab><x-tab>&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</x-tab><x-tab>&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</x-tab>;
remove the mount point<br><br>
</tt>and then use vol release to release a new version of root.afs.&n=
bsp;
Once your cache manager has noticed the new version of the read-only
volume ( &quot;fs checkb&quot; might force this, but it happens
periodically or on reboot), you're in business.<br><br>
I'm sure a more current reader of info-afs can correct any errors in =
the
above, but I figured I'd send this, since I haven't seen a reply
yet.<br><br>
<x-tab>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</x-tab>Mike<b=
r><br>
<br>
At 03:13 AM 1/27/2007, ranjith silva wrote:<br>
<blockquote type=3Dcite class=3Dcite cite>I had try to install OpenAF=
S on
serveral times , i tried on ubuntu 6.06, debian 2.6.8-2-326 kernel bu=
t it
propmpt same error message when i'm going to execute<br><br>
<pre>&nbsp;fs setacl /afs system:anyuser rl.

It says=20
</pre><font face=3D"Courier New, Courier"></font>&nbsp;fs: You don=
=92t have
the required access rights on =92/afs/'<br><br>
Can you explain on this error . I followed many different guids but s=
ame
error again and again. <br><br>
kiinit and aklog is issuing tickets and tokens properly. And admin us=
er
is in administrators group.<br><br>
I saw in maling list &quot;if kinit admin/admin then aklog to
admin.admin&quot; <br>
i tried it by adding admin/admin principal and creating a user
admin.admin with administrative privileges it also doesn't=20
work.<br><br>
What is this error.......Is any body got a error message like this an=
d
able to figure this out.<br><br>
Thank you.............<br><br>
<br>
<br>
<a href=3D"http://us.rd.yahoo.com/evt=3D49938/*http://tools.search.ya=
hoo.com/toolbar/features/mail/">Never
miss an email again!<br>
Yahoo! Toolbar</a> alerts you the instant new Mail arrives.<a href=
=3D"??">
Check it out.</a> </blockquote></body>
</html>


--Boundary_(ID_auwneAeq0giPVHIrZdjHwA)--