Indiana University
University Information Technology Services
  
What are archived documents?
Login>>
Login

Login is for authorized groups (e.g., UITS, OVPIT, and TCC) that need access to specialized Knowledge Base documents. Otherwise, simply use the Knowledge Base without logging in.

Close

At IU, how do I install and configure OpenAFS on my Unix workstation for use with the RFS?

OpenAFS is a distributed file system that runs on most major computing platforms. To use it at Indiana University, you must also install a Kerberos 5 client, since IU uses the most secure authentication encryption available.

You will need root access to the computer, and you will most likely need to reboot it.

Installing Kerberos 5

Get the Kerberos 5 client from Kerberos: The Network Authentication Protocol. Click current release. If you use Unix (e.g., Solaris, AIX, or Linux), download the source code, and then unpack, compile, and install Kerberos 5.

Research File System (RFS) at IU uses the ADS.IU.EDU Kerberos realm. You can use the sample krb5.conf file.

Installing OpenAFS

Once you have Kerberos installed, you can install OpenAFS. The latest OpenAFS release is available from the OpenAFS web site.

If you use Unix, download, compile, and install OpenAFS from the OpenAFS downloads page.

Note: You will need at least OpenAFS 1.4.0-rc4 to use RFS. You will also want to be sure the aklog application compiles along with this. To force this, include the following when running configure:

./configure --with-krb5-conf=/usr/bin/krb5-config

Make sure you set this to the actual location of krb5-config, as it may vary depending on where you installed Kerberos applications earlier.

Each type of Unix needs to have a kernel module installed to be able to use OpenAFS. These are available as binary packages in tar.gz files from the OpenAFS web site. For documentation about how these are installed on Unix systems, see Quick Beginnings. The documentation for installing each type of supported OS is found in the appropriate section.

Once this is installed, you'll need to edit the following files:

  • /usr/vice/etc/CellServDB.local should contain: -------------- >iu.edu #Cell name 129.79.43.68 #rfs1.uits.indiana.edu 134.68.142.53 #rfs3.iu.edu 134.68.142.51 #rfs2.iu.edu --------------
  • /usr/vice/etc/ThisCell should contain: -------------- iu.edu --------------

After configuration and installation, reboot your computer to activate the kernel module and connect to the AFS server.

How to authenticate

To authenticate (with your IU Network ID username in place of username):

> kinit username@ADS.IU.EDU Password for username@ADS.IU.EDU: > aklog -c IU.EDU -k ADS.IU.EDU > klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: username@ADS.IU.EDU Valid starting Expires Service principal 08/31/09 11:06:04 08/31/09 21:06:10 krbtgt/ADS.IU.EDU@IU.EDU renew until 09/01/09 11:06:04 08/31/09 11:06:19 08/31/09 21:06:10 afs@ADS.IU.EDU renew until 09/01/09 11:06:04

Your home directory will be in a directory path like this:

/afs/iu.edu/home/u/s/username

If your username were dvader, for example, you would find your files residing in /afs/iu.edu/home/d/v/dvader .

For help with this process, email Research Storage.

Note: To access your RFS account when you're away from the Indiana University campus, you need a VPN connection to the IU network. You can disconnect from the VPN once you have your AFS token.

This is document arxs in domain all.
Last modified on June 09, 2011.

Comments/Questions/Corrections

Use this form to offer suggestions, corrections, and additions to the Knowledge Base. We welcome your input!

If you are affiliated with Indiana University and would like assistance with a specific computing problem, please use the Ask a Consultant form, or contact your campus Support Center.

Contact Information

Note: We will reply to your comment at this address. If your message concerns a problem receiving email, please enter an alternate email address.