The contents on this site are being moved to Highlander Nexus
Difference between revisions of "Installing an OpenAFS Client on Ubuntu"
From Linux and MacOSX Wiki
Line 3: | Line 3: | ||
; 1. Installing OpenAFS packages | ; 1. Installing OpenAFS packages | ||
---- | ---- | ||
+ | |||
* Open the '''Terminal''' application on your machine and run the following command to install the AFS client and Kerberos packages. | * Open the '''Terminal''' application on your machine and run the following command to install the AFS client and Kerberos packages. | ||
Line 8: | Line 9: | ||
[[File:Ubuntu AFS 1.png | 800px]] | [[File:Ubuntu AFS 1.png | 800px]] | ||
− | |||
* Now, you will be prompted to provide information Like AFS Cell and AFS Cache. | * Now, you will be prompted to provide information Like AFS Cell and AFS Cache. | ||
− | |||
[[File:Ubuntu AFS 2.png | 800px]] | [[File:Ubuntu AFS 2.png | 800px]] | ||
− | |||
[[File:Ubuntu AFS 3.png | 800px]] | [[File:Ubuntu AFS 3.png | 800px]] | ||
Line 29: | Line 27: | ||
; 2. Installing Kerberos Client package | ; 2. Installing Kerberos Client package | ||
---- | ---- | ||
+ | |||
* After installing the OpenAFS packages, you will have to install the Kerberos Client package. Run the following command in a '''Terminal'''. | * After installing the OpenAFS packages, you will have to install the Kerberos Client package. Run the following command in a '''Terminal'''. | ||
Line 63: | Line 62: | ||
dns_lookup_realm = false | dns_lookup_realm = false | ||
dns_lookup_kdc = false | dns_lookup_kdc = false | ||
− | ticket_lifetime = | + | ticket_lifetime = 24h |
renew_lifetime = 30d | renew_lifetime = 30d | ||
forwardable = true | forwardable = true | ||
Line 82: | Line 81: | ||
pam = { | pam = { | ||
debug = false | debug = false | ||
− | ticket_lifetime = | + | ticket_lifetime = 24h |
renew_lifetime = 30d | renew_lifetime = 30d | ||
forwardable = true | forwardable = true | ||
Line 128: | Line 127: | ||
[[File:Ubuntu AFS 9.png]] | [[File:Ubuntu AFS 9.png]] | ||
+ | |||
+ | '''Note:''' Token will expire in 24 hours. You can renew it by using the command mentioned in previous step. | ||
* You should now be able to access your AFS home directory. | * You should now be able to access your AFS home directory. |
Revision as of 20:16, 10 April 2019
This documentation will show you how to access the NJIT's AFS file system (/afs/cad.njit.edu/) from your Ubuntu machine (Ubuntu 18.04.1 LTS). You will have to do some installations on your Ubuntu machine to get access to AFS directories. Follow the instructions provided in the rest of the document.
- 1. Installing OpenAFS packages
- Open the Terminal application on your machine and run the following command to install the AFS client and Kerberos packages.
sudo apt-get install openafs-krb5 openafs-client
- Now, you will be prompted to provide information Like AFS Cell and AFS Cache.
- Provide the following information in the dialog boxes and hit ok:
- AFS Cell: cad.njit.edu
- AFS Cache: Leave this default
- Once the command has been completed, you will see the message DKMS: install completed
- 2. Installing Kerberos Client package
- After installing the OpenAFS packages, you will have to install the Kerberos Client package. Run the following command in a Terminal.
sudo apt-get install krb5-user
- Now, you will be prompted to provide information Like Kerberos Realm, Servers and Admin Server.
- Provide the following information in the dialog boxes and hit ok:
- Realm: NJIT.EDU (In capital letters)
- Servers: kay00.njit.edu:88 kay01.njit.edu:88 kay02.njit.edu:88
- Admin Server: kay00.njit.edu:749
- 3. Edit /etc/krb5.conf
- Delete all the content of file /etc/krb5.conf and add the following:
# NJIT - ARCS Kerberos Configuration - 20140404 [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = NJIT.EDU dns_lookup_realm = false dns_lookup_kdc = false ticket_lifetime = 24h renew_lifetime = 30d forwardable = true allow_weak_crypto = TRUE allow_weak_enctypes = TRUE [realms] NJIT.EDU = { kdc = kay00.njit.edu:88 kdc = kay01.njit.edu:88 kdc = kay02.njit.edu:88 admin_server = kay00.njit.edu:749 default_domain = njit.edu } [domain_realm] .njit.edu = NJIT.EDU njit.edu = NJIT.EDU [appdefaults] pam = { debug = false ticket_lifetime = 24h renew_lifetime = 30d forwardable = true krb4_convert = false pam-afs-session = { ignore_root=true debug=true } } libkafs = { NJIT.EDU = { afs-use-524 = no } }
- 4. Edit /etc/openafs/CellServDB
- Delete all the content of file /etc/openafs/CellServDB and add the following:
>cad.njit.edu #Cell name 128.235.209.210 #ucsafsdb00.coresys.njit.edu 128.235.209.211 #ucsafsdb01.coresys.njit.edu 128.235.209.243 #ucsafsdb02.coresys.njit.edu 128.235.209.244 #ucsafsdb03.coresys.njit.edu
- 5. Starting the AFS Client and accessing the afs home directory
- Reboot the machine. The OpenAFS client should auto start upon reboot.
- Using the following command, check if afs/ is mounted or not to verify if AFS client auto started or not on boot up.
ls -l /
- Get the Kerberos ticket using kinit, and your AFS token using aklog
kinit <Your NJIT UCID> && aklog
- Use the following command to check if AFS token is generated or not.
tokens
Note: Token will expire in 24 hours. You can renew it by using the command mentioned in previous step.
- You should now be able to access your AFS home directory.
cd /afs/cad/u/<first_letter_of_ucid>/<second_letter_of_ucid>/<your_ucid>/
Example: If your NJIT UCID is abc123 then
cd /afs/cad/u/a/b/abc123/