Difference between revisions of "Installing an OpenAFS Client on Ubuntu"

Latest revision as of 16:08, 29 August 2022

This documentation will show you how to access the NJIT's AFS file system (/afs/cad.njit.edu/) from your Ubuntu machine (Ubuntu 18.x LTS). You will have to do some installations on your Ubuntu machine to get access to AFS directories. Follow the instructions provided in the rest of the document.

1. Installing OpenAFS packages

Open the Terminal application on your machine and run the following command to install the AFS client and Kerberos packages.

sudo apt-get install openafs-krb5 openafs-client

Now, you will be prompted to provide the AFS Cell Name and AFS Cache.

Provide the following information in the dialog boxes and hit ok:
- AFS Cell: cad.njit.edu
- AFS Cache: Leave this default

Once the command has been completed, you will see the message DKMS: install completed

2. Installing Kerberos Client package

After installing the OpenAFS packages, you will have to install the Kerberos Client package. Run the following command in a Terminal.

sudo apt-get install krb5-user

Now, you will be prompted to provide the Kerberos Realm, Servers and Admin Server.

Provide the following information in the dialog boxes and hit ok:
- Realm: NJIT.EDU (In capital letters)
- Servers: kay00.njit.edu:88 kay01.njit.edu:88 kay02.njit.edu:88
- Admin Server: kay00.njit.edu:749

3. Downloading and Installing the configuration files.

Run the following, it will download and place the krb5.conf and CellServDB files onto your machine.

curl -s https://web.njit.edu/info/kerberos.servers/install_support_files | /bin/bash

4. Edit /etc/krb5.conf

Change the ticket_lifetime parameter value to 24h under [libdefaults] and [appdefaults]

[libdefaults]
 ticket_lifetime = 24h

[appdefaults]
 pam = {
  ticket_lifetime = 24h
 }

5. Starting the AFS Client and accessing the AFS home directory

Reboot the machine. The OpenAFS client should auto start upon reboot.

Verify that AFS Client started on boot up.

df -h /afs

The output of this command should be similar to the following:

ps -ef | grep afsd

The output of this command should be similar to the following:

Get your Kerberos ticket using kinit, and your AFS token using aklog

kinit <Your NJIT UCID> && aklog

Use the following command to check if your AFS token is generated or not.

tokens

The output of this command should be similar to the following:

Note: Your token will expire in 24 hours. You can renew it by using the following command.

kinit <Your NJIT UCID> && aklog

You should now be able to access your AFS home directory.

cd /afs/cad/u/<first_letter_of_ucid>/<second_letter_of_ucid>/<your_ucid>/

Example: If your NJIT UCID is abc123 then

cd /afs/cad/u/a/b/abc123/

@@ Line 1: / Line 1: @@
-This documentation will show you how to access the NJIT's AFS file system (/afs/cad.njit.edu/) from your Ubuntu machine ('''Ubuntu 18.04.1 LTS'''). You will have to do some installations on your Ubuntu machine to get access to AFS directories. Follow the instructions provided in the rest of the document.
+This documentation will show you how to access the NJIT's AFS file system (/afs/cad.njit.edu/) from your Ubuntu machine ('''Ubuntu 18.x LTS'''). You will have to do some installations on your Ubuntu machine to get access to AFS directories. Follow the instructions provided in the rest of the document.
 ; 1. Installing OpenAFS packages
@@ Line 10: / Line 10: @@
 [[File:Ubuntu AFS 1.png | 800px]]
-* Now, you will be prompted to provide information Like AFS Cell and AFS Cache.
+* Now, you will be prompted to provide the AFS Cell Name and AFS Cache.
 [[File:Ubuntu AFS 2.png | 800px]]
@@ Line 34: / Line 34: @@
 [[File:Ubuntu AFS 5.png | 800px]]
-* Now, you will be prompted to provide information Like Kerberos Realm, Servers and Admin Server.
+* Now, you will be prompted to provide the Kerberos Realm, Servers and Admin Server.
 [[File:Ubuntu AFS 6.png | 800px]]
@@ Line 47: / Line 47: @@
 ** Admin Server: kay00.njit.edu:749
+; 3. Downloading and Installing the configuration files.
-; 3. Edit /etc/krb5.conf
+Run the following, it will download and place the krb5.conf and CellServDB files onto your machine.
+ curl -s https://web.njit.edu/info/kerberos.servers/install_support_files | /bin/bash
+; 4. Edit /etc/krb5.conf
 ----
-* Delete all the content of file /etc/krb5.conf and add the following:
+Change the '''ticket_lifetime''' parameter value to '''24h''' under [libdefaults] and [appdefaults]
- # NJIT - ARCS Kerberos Configuration  - 20140404
- [logging]
-        default = FILE:/var/log/krb5libs.log
-        kdc = FILE:/var/log/krb5kdc.log
-        admin_server = FILE:/var/log/kadmind.log
   [libdefaults]
-        default_realm = NJIT.EDU
+  ticket_lifetime = 24h
-        dns_lookup_realm = false
-        dns_lookup_kdc = false
-        ticket_lifetime = 24h
-        renew_lifetime = 30d
-        forwardable = true
-        allow_weak_crypto = TRUE
-        allow_weak_enctypes = TRUE
-  [realms]
-        NJIT.EDU = {
-                kdc = kay00.njit.edu:88
-                kdc = kay01.njit.edu:88
-                kdc = kay02.njit.edu:88
-                admin_server = kay00.njit.edu:749
-                default_domain = njit.edu
-        }
- [domain_realm]
-        .njit.edu = NJIT.EDU
-        njit.edu = NJIT.EDU
   [appdefaults]
-        pam = {
+  pam = {
-                debug = false
+   ticket_lifetime = 24h
-                ticket_lifetime = 24h
+  }
-                renew_lifetime = 30d
-                forwardable = true
-                krb4_convert = false
-                pam-afs-session = {
-                        ignore_root=true
-                        debug=true
-                }
-        }
-        libkafs = {
-                NJIT.EDU = {
-                        afs-use-524 = no
-                }
-        }
+; 5. Starting the AFS Client and accessing the AFS home directory
-; 4. Edit /etc/openafs/CellServDB
 ----
-* Delete all the content of file /etc/openafs/CellServDB and add the following:
+* Reboot the machine. The OpenAFS client should auto start upon reboot.
- >cad.njit.edu     #Cell name
+* Verify that AFS Client started on boot up.
-.235.209.210   #ucsafsdb00.coresys.njit.edu
-.235.209.211   #ucsafsdb01.coresys.njit.edu
-.235.209.243   #ucsafsdb02.coresys.njit.edu
-.235.209.244   #ucsafsdb03.coresys.njit.edu
+ df -h /afs
-; 5. Starting the AFS Client and accessing the afs home directory
+The output of this command should be similar to the following:
-----
-* Reboot the machine. The OpenAFS client should auto start upon reboot.
+[[File:Ubuntu AFS 10.png | 800px]]
-* Using the following command, check if afs/ is mounted or not to verify if AFS client auto started or not on boot up.
+ ps -ef | grep afsd
- ls -l /
+The output of this command should be similar to the following:
-* Get the Kerberos ticket using kinit, and your AFS token using aklog
+[[File:Ubuntu AFS 11.png | 800px]]
+* Get your Kerberos ticket using kinit, and your AFS token using aklog
   kinit ''<Your NJIT UCID>'' && aklog
-* Use the following command to check if AFS token is generated or not.
+* Use the following command to check if your AFS token is generated or not.
   tokens
-[[File:Ubuntu AFS 9.png]]
+The output of this command should be similar to the following:
-'''Note:''' Token will expire in 24 hours. You can renew it by using the command mentioned in previous step.
+[[File:Ubuntu AFS 9.png | 800px]]
+'''Note:''' Your token will expire in 24 hours. You can renew it by using the following command.
+ kinit ''<Your NJIT UCID>'' && aklog
 * You should now be able to access your AFS home directory.

Difference between revisions of "Installing an OpenAFS Client on Ubuntu"

Latest revision as of 16:08, 29 August 2022

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Phake I

FAQ

GNOME

How To

News

Tools