OpenAFS on OpenSuse 12.1: No connection to filesystem

Hello,

I cannot get OpenAFS to connect to my employer’s filesystem and would like to know what is wrong and how to fix it.

Local system information

Opensuse 12.1 online install, all updates included, kernel 3.1.0-1.2-desktop

OpenAFS installation

from http://download.opensuse.org/repositories/filesystems/openSUSE_12.1/ installed packages openafs, openafs-client, openafs-docs, openafs-kmp-desktop, openafs-krb5-mit

I believe the following packages may also be important to mention: krb5, krb5-32bit, krb5-client, krb5-devel, pam_krb5

OpenAFS configuration

put in place files /etc/krb5.conf, /etc/openafs/CellServDB, /etc/openafs/ThisCell; these files work for other users on Ubuntu Linux to connect to the desired filesystem

Observations

  • as root after installation and reboot:
:~ # /etc/init.d/openafs-client status
redirecting to systemctl
openafs-client.service - LSB: Start OpenAFS Client
          Loaded: loaded (/etc/init.d/openafs-client)
          Active: inactive (dead)
          CGroup: name=systemd:/system/openafs-client.service
:~ # /etc/init.d/openafs-client start
redirecting to systemctl
:~ # /etc/init.d/openafs-client status
redirecting to systemctl
openafs-client.service - LSB: Start OpenAFS Client
          Loaded: loaded (/etc/init.d/openafs-client)
          Active: active (running) since Thu, 05 Jan 2012 15:33:20 +0100; 21s ago
         Process: 3937 ExecStart=/etc/init.d/openafs-client start (code=exited, status=0/SUCCESS)
          CGroup: name=systemd:/system/openafs-client.service
                  └ 3959 /usr/sbin/afsd -stat 2000 -daemons 3 -volumes 70 -memcache -dynroot -fakestat -afsdb
  • as user:
:~ > ps -e | grep -i afs
 3948 ?        00:00:00 afs_pagecopy
 3955 ?        00:00:00 afs_callback
 3957 ?        00:00:00 afs_rxevent
 3958 ?        00:00:00 afs_rxlistener
 3959 ?        00:00:00 afsd
 3963 ?        00:00:00 afsd
 3964 ?        00:00:00 afs_checkserver
 3966 ?        00:00:00 afs_background
 3967 ?        00:00:00 afs_background
 3970 ?        00:00:00 afs_background
 3971 ?        00:00:00 afs_cachetrim
:~ > lsmod | grep -i afs
libafs                817957  2 
:~ > dir /afs
total 20
drwxr-xr-x   1 2048 Jan  1  1970 .:mount/
lrwxr-xr-x   1   12 Jan  1  1970 .openafs -> .openafs.org/
drwxr-xr-x 100 4096 Jan  1  1970 .openafs.org/
drwxr-xr-x 100 4096 Jan  1  1970 .employer_domain/
lrwxr-xr-x   1   11 Jan  1  1970 openafs -> openafs.org/
drwxr-xr-x 100 4096 Jan  1  1970 openafs.org/
drwxr-xr-x 100 4096 Jan  1  1970 employer_domain/
:~ > kinit -V
Using default cache: /tmp/krb5cc_1000
Using principal: user_name@employer_domain
Password for user_name@employer_domain: 
Authenticated to Kerberos v5
:~ > tokens

Tokens held by the Cache Manager:

Tokens for afs@employer_domain [Expires Jan  6 16:21]
   --End of list--
:~ > klog.krb5 user_name
Password for user_name@employer_domain: 
[after quite a while...]
klog: server or network not responding Can't get your viceid for cell employer_domain
:~ > klog.krb5 -tmp
Password for user_name@employer_domain: 
Wrote ticket file to /tmp/krb5cc_1000
klog: server or network not responding Can't get your viceid for cell employer_domain

My goal is to manually establish the connection with the filesystem as user, i.e., I do not need it to happen automatically when I log in to my machine (a laptop).

In your replies, please be as specific as possible since I am usually rather a top-level user of Linux.

Many thanks in advance.

The issue has been resolved. It turned out to be necessary to open certain ports in the firewall:

port 7001 UDP inbound and outbound
port 7000, 7002, 7003, 7005, 7007 UDP outbound

More details at https://lists.openafs.org/pipermail/openafs-info/2012-January/037455.html and the corresponding thread. See also http://wiki.openafs.org/AFSLore/AdminFAQ/#3.07%20%20Which%20TCP/IP%20ports%20and%20pro .

As a side note: For the installation of the OpenAFS packages, it is necessary to select the correct kernel module (if it exists as precompiled package) that corresponds to the kernel of the local system. The output of ‘uname -r’ gives a good indication. On the present system this was ‘3.1.0-1.2-desktop’, therefore the selection of ‘openafs-kmp-desktop’ (note the ‘-desktop’ in both cases).