openafs access under the fedora distribution

Certain rpm packages have been created here at NCSU that should make it easier to access your files in openafs paths. Here are some instructions for setting up openafs under fedora

Run the following command as root:

in fedora 23+

dnf install krb5-workstation

Next, edit the file /etc/krb5.conf

under [libdefaults] section

change

# default_realm = EXAMPLE.COM

to

default_realm = EOS.NCSU.EDU

The next section of the file is [realms]

change:

[realms]
# EXAMPLE.COM = {
# kdc = kerberos.example.com
# admin_server = kerberos.example.com
# }

to

[realms]
EOS.NCSU.EDU = {
admin_server = kerberos-master.ncsu.edu:749
default_domain = eos.ncsu.edu
}

change

[domain_realm]
# .example.com = EXAMPLE.COM
# example.com = EXAMPLE.COM

to

[domain_realm]
.ncsu.edu = EOS.NCSU.EDU
ncsu.edu = EOS.NCSU.EDU

Ok, you should be finished editing the krb5.conf file now. So save that file.

Run the following command as root:

in fedora 23:

dnf -y --nogpgcheck install http://install.linux.ncsu.edu/pub/yum/itecs/public/openafs/fedora23/noarch/openafs-release-1.0-1.noarch.rpm

or in fedora 24:

dnf -y --nogpgcheck install http://install.linux.ncsu.edu/pub/yum/itecs/public/openafs/fedora24/noarch/openafs-release-1.0-1.noarch.rpm

or in fedora 25:

dnf -y --nogpgcheck install http://install.linux.ncsu.edu/pub/yum/itecs/public/openafs/fedora25/noarch/openafs-release-1.0-1.noarch.rpm

Next, type:

dnf install openafs openafs-client openafs-devel openafs-dkms kernel-devel

Please note that the dkms package takes a couple of minutes to install.

To actually use afs services:

systemctl start openafs-client

Authenticate against the Kerberos 5 Realm to receive a ticket-granting ticket:

kinit UNITYID

Confirm that you have received tickets:

klist

aklog -c unity.ncsu.edu -k EOS.NCSU.EDU
aklog -c eos.ncsu.edu -k EOS.NCSU.EDU
aklog -c bp.ncsu.edu -k EOS.NCSU.EDU

tokens

You may wish to explore creating a shell script to automate some of those last steps with kinit and aklog. Here is a link to an example shell script. http://fpaste.org/211789/90693142/
You should be able to access afs now.

Troubleshooting

If you see this error:

libprot: Could not locate cell eos.ncsu.edu in /etc/openafs/CellServDB

mv /etc/openafs/CellServDB

out of the way and create a new one with the following contents:

>eos.ncsu.edu #North Carolina State University - College of Engineering
152.1.9.3 #eos02db.unity.ncsu.edu
152.1.1.39 #eos00db.unity.ncsu.edu
152.1.1.40 #eos01db.unity.ncsu.edu
>unity.ncsu.edu #NCSU Computing Center
152.1.1.36 #cc00db.unity.ncsu.edu
152.1.1.37 #cc01db.unity.ncsu.edu
152.1.1.38 #cc02db.unity.ncsu.edu
>bp.ncsu.edu #North Carolina State University - Backbone Prototype
152.1.1.27 #tourian.cc.ncsu.edu
152.1.1.28 #norfair.cc.ncsu.edu
152.1.1.29 #maridia.cc.ncsu.edu