A lot of this will translate to other distributions as well, however I cannot guarantee it will work as it reads.
This section is almost definately OS/Distro independant.
AFS needs Kerberos installed. See KerberosNotes for notes this.
AFS seems to be fairly filesystem independant, so you can basically use any filesystem you like on the server. It really prefers having a seperate partition for your AFS cell, and some notes I've read hint at it requiring a different fsck for magical reasons, so its probably best to follow this. Put your first partition on /vicepa, and your second on /vicepb, and so on.
You can also use the namei backend which is slow, but is FS/OS independant, provided you can do normal filesystem stuff - NathanWard
AFS requires that the hostname of your server resolve via DNS correctly. Make sure this is the case before you get too far down the line, or else you'll hit weird problems that occur for no apparent reason.
I've never had this problem... I have used clients and servers with no DNS server. Perhaps this is a Kerberos issue? - NathanWard
AFS seems to really dislike linux 2.4.20. I've not tried it on a more recent kernel (not even a pre21 kernel). It does seem to work ok with 2.4.18 however. Make sure you have a kernel that works before continuing, or else things will fail for no good reason!
I'm running 2.4.20 in production now. Works fine. YMMV - NathanWard
In debian, install the following: openafs-dbserver openafs-krb5 openafs-client
Your cellname should be your lower-case DNS name, eg element.tla Your DBServer for AFS should be the dns name of the machine you are installing on currently!
Run the following commands:
kadmin.local -e des-cbc-crc:v4
addprinc -randkey afs
ktadd -k /tmp/afs.keytab afs
quit
kadmin.local
addprinc root
(enter passowrds)
quit
asetkey add 3 /tmp/afs.keytab afs
I don't think adding a princ for root is a good idea. The "Kerberos Way" is to have user/instance. In my case, nward/admin, which in AFS is known as nward.admin - NathanWard
Make sure you have a partition created and mounted at /vicepa. If you cant do this with a real partition, make a loopback one as follows:
dd if=/dev/zero of=/var/lib/openafs/vicepa bs=1024k count=32 mke2fs /var/lib/openafs/vicepa mkdir /vicepa && mount -oloop /var/lib/openafs/vicepa /vicepa
Never fear! later on you can add /vicepb, /vicepc and so on.. - NathanWard
In /etc/openafs, edit the following files and make sure they look something like these
/etc/openafs/ThisCell element.tla /etc/openafs/CellServDb >element.tla # cell 10.66.1.101 # afs.element.tla
At this point, make sure you have compiled the openafs modules for your kernel. If you build a new kernel at the same time, reboot now so you can get these modules installed properly.
You can do this under Debian with make-kpkg?:
# apt-get source openafs-modules-source # cd /usr/src # tar xzf openafs.tar.gz # cd /path/to/kernel/source # make-kpkg modules_image # dpkg -i ../openafs-modules*deb
kvno's are key version numbers. Every time you change your password this number is incremented.
One page links to AFSNotes:
