SCIENTIFIC-LINUX-USERS Archives

January 2006

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: OpenAFS on SL4.2 ... simple question
From:
Stephan Wiesand <[log in to unmask]>
Reply To:
Stephan Wiesand <[log in to unmask]>
Date:
Tue, 17 Jan 2006 19:40:19 +0100
Content-Type:
TEXT/PLAIN
Parts/Attachments:
TEXT/PLAIN (81 lines) 
Connie, "KC",

On Tue, 17 Jan 2006, Connie Sieh wrote:

> On Tue, 17 Jan 2006, KC wrote:
>
>> Hi,
>>
>> I use RedHat Linux since I were working on Fermilab/E871 at long
>> time ago.   Now I'm still using RH9 and Fedora.
>>
>> This is the first time I try SL ... the distribution is similar with =
>> FC4/3
>> except OpenAFS which is new to me.
>>
>> A simple question, after I installed SL4.2, at the firstboot stage ..=
>> . the
>> OpenAFS configuration asking me to choose a cell, what does that
>
> If you do not need afs then I suggest you remove it.  It is NOT installed

I concur.

> by default.  So how did you get afs installed ?
>
>> meant ?   I'm not working on Fermilab any more ... in fact, I'm
>> working on IC test industry now.   I believe I should not choose
>> the cell "fnal.gov" or others ... so I just ignore the OpenAFS config=
>> uration,
>> but what happen if I choose "fnal.gov" ?
>>
>> After I tested SL4.2 ... if we think it's OK for our applications, a =
>> lot of
>> employees in my company will also install SL4.2.
>> I want to know if they choose "fnal.gov" for OpenAFS's cell ... will =
>> that
>> cause any trouble to Fermilab ?  we really don't want that happen ...
>>
>> Please help to explain what does cell "fnal.gov" mean ... is that
>> option just for Fermilab's internal PC only ?
>
> It is only of use if you want to be part of the fnal.gov afs domain.
> Since you do not then I suggest you remove afs.
>
> yum remove *afs*

Running an AFS client is perfectly reasonable (these days) even if you 
don't have your own AFS cell. If nothing else, browsing /afs/openafs.org, 
or /afs/athena.mit.edu, or, say, /afs/hepix.org is fun, isn't it?

In the default "dynroot" mode of the client, it doesn't matter much which 
cell you pick. You may even invent your own one (I'm running client that 
thinks it's part of the "st.home" cell right now). It starts making a 
difference when you try to obtain a token. For example, with klog. Your 
client will then try to talk to the kaserver of whatever it thinks is your 
home cell. Notice things like pam_krb5 (if you told authconfig to use 
kerberos authentication) may do this behind your back. Other than that, 
it merely affects what "fs wscell" will return. Which is, as I just 
noticed, a segfault at least if the cell is not recorded in the 
CellServDB and there are no AFSDB DNS records for it :-(

NB the "AFS for Windows" folks translate "dynroot" into "freelance".

Anyway: although it probably wouldn't do much harm, and it's impossible to 
keep anyone on the internet from configuring their AFS clients to think 
they're part of whatever AFS cell, most cells probably won't appreciate 
it unless you do have some business with them.

   Stephan

-- 

  ----------------------------------------------------
| Stephan Wiesand  |                                |
|                  |                                |
| DESY     - DV -  | phone  +49 33762 7 7370        |
| Platanenallee 6  | fax    +49 33762 7 7216        |
| 15738 Zeuthen    |                                |
| Germany          |                                |
  ----------------------------------------------------

ATOM RSS1 RSS2