the "old" rpm building tools are so sad as to be useless.
put them out of their misery.
Change-Id: I1f763a7907235fe2b178ee07b8ad4e5a6f165d24
Reviewed-on: http://gerrit.openafs.org/3162
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
+++ /dev/null
-Uninstall
-complete
+++ /dev/null
-# After changing this file, please run
-# git ls-files -i --exclude-standard
-# to check that you haven't inadvertently ignored any tracked files.
-
-!.afs_state
+++ /dev/null
-6/27/02
-
-This is a brief description of how to use the OpenAFS Tools to create a cell
-that uses Kerberos 5 authentication, rather than the kaserver program that
-comes with OpenAFS.
-
-*** INTRODUCTION ***
-
-Kerberos 5 is an authentication protocol that is widely used by many
-applications. If you have an OpenAFS environment that is K5-aware, your
-users will not have to obtain authenticate separately with OpenAFS -- they
-can use their Kerberos tickets instead. For more information about the
-benefits of K5 over AFS authentication, see the following webpage:
-
-http://www.mathematik.uni-karlsruhe.de/~iwrmm/Persons/Schulz/Unix/afs/afs-krb5.html
-
-You should also check out AFSLore (http://grand.central.org/twiki/).
-
-Also, refer to the OpenAFS Tools README for a much more complete set
-of requirements and instructions. This document contains only things that
-are specific to the process of using Kerberos; it assumes you are already
-familiar with the other OpenAFS Tools requirements.
-
-*** REQUIREMENTS ***
-
-There are two major implementations of K5 -- MIT, and Heimdal. From what
-I can gather, one is not significantly better than the other. Unfortunately,
-their command line interfaces differ slightly, so for these tools I had to
-choose one with which to be compatible. I chose the MIT version. It is
-available at http://web.mit.edu/kerberos/www/index.html. You should download,
-compile, and install this if you haven't already.
-
-If you have an existing Kerberos realm that you plan to use, you only need to
-configure your soon-to-be OpenAFS server as a Kerberos client. If you're
-making a new realm, you're going to have to create a master KDC (which can
-be the same as your OpenAFS server if you want, but that's not advised), and
-also configure your OpenAFS server to be a client. The aforementioned MIT
-website has all the information you'll need on how to create or connect to
-a K5 realm. IMPORTANT NOTE: If you're creating a new realm, keep in mind
-that the OpenAFS cell you will be creating later must have the same name as
-the realm, except the name of the realm must be in all caps.
-
-The next step is to install the OpenAFS RPMs, available at
-http://www.openafs.org/. You'll need to get the openafs, openafs-kernel,
-openafs-client, openafs-server, and openafs-krb5 packages, and install
-them all.
-
-*** INSTALLATION ***
-
-Installation is pretty easy. Just do a normal install_afs command (as
-described in the OpenAFS Tools README), but specify the "-k" option. This
-informs the program that you are going to be using Kerberos for authentication.
-During the installation process, it will ask for a Kerberos administration
-password; this is the password for the admin/admin principal in your
-Kerberos realm. If it is not correct, the installation will not work!
-
-IMPORTANT NOTE: As far as I can tell, the name of your cell must be THE SAME
-as the name of the Kerberos realm you are using, except in should be in lower
-case letters instead of upper case. Supposedly there are ways to get around
-this, but I have not found them. Currently, the OpenAFS Tools supports only
-same-name integration.
-
-*** USE ***
-
-After the install_afs program completes, you should be ready to go. To test
-it out, execute the following commands.
-
- kinit admin
- aklog
- vos create <machine_name> <partition_name> test.vol
-
-This will create a test volume in your AFS cell. If you see any error
-messages about authentication, then something's not working.
-
-If everything works, you can start using your AFS cell. When you want to make
-new users, make them a Kerberos account, and then give them a PTS entry in
-your OpenAFS cell. That should be it!
-
-*** COMMON PROBLEMS ***
-
-Here are some solutions to problems I've encountered:
-
-- Some KDC in your Kerberos realm must be running the following programs
-before you run the OpenAFS installation program:
- kadmind
- krb5kdc
- krb524d -m
-- The name of your OpenAFS cell and Kerberos realm must be the same, except
-for differences in capitalization.
-- Make sure, after uninstalling OpenAFS, to delete the 'admin' and 'afs'
-principals from the Kerberos database.
-
-*** Future Work ***
-
-These tools should support both MIT and Heimdal implementations, and any
-others that may exist. Unfortunately, the only reasonable way to do this
-that I can see is to use the actual Kerberos 5 API. This would require
-writing a C program or two and integrating them into the OpenAFS
-installation script. While certainly possible, this would probably take
-some work.
-
-Removing the same name dependency between the OpenAFS cell and the Kerberos
-realm would be fantastic.
-
+++ /dev/null
-## RPM creation documentation ##
-## Steps to creating an openafs-tools-cmd binary distribution RPM ##
-##
-## Copyright 2001, International Business Machines Corporation and others.
-## All Rights Reserved.
-##
-## This software has been released under the terms of the IBM Public
-## License. For details, see the LICENSE file in the top-level source
-## directory or online at http://www.openafs.org/dl/license10.html
-##
-## openafs-tools, Version 1.2.5 ##
-
-Follow these steps to create a binary distribution RPM for the
-openafs-tools-cmd package no Red Hat Linux:
-
-1) Copy the spec file to your SPECS directory.
-
- cp openafs-tools-cmd-1.2.5-1.spec /usr/src/redhat/SPECS/
-
-2) Create the source package by running:
-
- ./make_rpm_source
-
- This creates the source tar and moves it to the
-/usr/src/redhat/SOURCES directory
-
-3) Now you can create the RPM:
-
- cd /usr/src/redhat/SPECS
- rpm -ba --clean openafs-tools-cmd-1.2.5-1.i386.rpm
-
- The RPM is now ready for use in the
-/usr/src/redhat/RPMS directory.
+++ /dev/null
-#!/bin/sh
-# OpenAFS uninstallation script for Linux
-# openafs-tools, Version 1.2.2
-#
-# Copyright 2001, International Business Machines Corporation and others.
-# All Rights Reserved.
-#
-# This software has been released under the terms of the IBM Public
-# License. For details, see the LICENSE file in the top-level source
-# directory or online at http://www.openafs.org/dl/license10.html
-#
-# the directory with the openafs-tools files:
-afscodeFileDir=/usr/afs/tools/install/
-#
-echo "Uninstall" > $afscodeFileDir/.afs_state
-echo "begin" >> $afscodeFileDir/.afs_state
-bosserver_process=$(ps -Ao pid,cmd | grep boss)
-kill ${bosserver_process%% /*}
-rm -rf /vicep*/*
-rm -rf /etc/rc.d/rc*.d/*afs*
-perl $afscodeFileDir/write_pam.pl disable
-rm -f /lib/security/pam_afs.so
-rm -rf /usr/afs/db
-rm -rf /usr/afs/etc
-rm -rf /usr/afs/local
-rm -rf /usr/afs/logs
-rm -f /usr/vice/etc/CellServDB
-rm -f /usr/vice/etc/ThisCell
-rm -f /usr/vice/etc/AFSLog
-rm -rf /usr/vice/cache
-rm -f $afscodeFileDir/install_output
-rm -f $afscodeFileDir/done.txt
-mkdir /usr/vice/cache
-echo "If you were using K5 authentication, make sure you delete all AFS related principals."
-echo "Uninstall" > $afscodeFileDir/.afs_state
-echo "complete" >> $afscodeFileDir/.afs_state
-
-
-
-
+++ /dev/null
-#! /bin/sh
-# Copyright 2000, International Business Machines Corporation and others.
-# All Rights Reserved.
-#
-# This software has been released under the terms of the IBM Public
-# License. For details, see the LICENSE file in the top-level source
-# directory or online at http://www.openafs.org/dl/license10.html
-
-# Configuration information for AFS client
-
-# AFS_CLIENT and AFS_SERVER determine if we should start the client and or
-# the bosserver. Possible values are on and off.
-AFS_CLIENT=on
-AFS_SERVER=on
-
-# AFS client configuration options:
-LARGE="-stat 2800 -dcache 2400 -daemons 5 -volumes 128"
-MEDIUM="-stat 2000 -dcache 800 -daemons 3 -volumes 70"
-SMALL="-stat 300 -dcache 100 -daemons 2 -volumes 50"
-OPTIONS=$MEDIUM
-
-# Set to "-verbose" for a lot of debugging information from afsd. Only
-# useful for debugging as it prints _a lot_ of information.
-VERBOSE=
-
-# AFSD_OPTIONS are the options passed to afsd.
-AFSD_OPTIONS="$OPTIONS $VERBOSE"
-
-
-# Sample server preferences function. Set server preferences using this.
-# afs_serverprefs() {
-# /usr/afsws/etc/fs setserverprefs <host> <rank>
-#}
-
-# Either the name of an executable script or a set of commands go here.
-# AFS_POST_INIT=afs_serverprefs
-AFS_POST_INIT=
+++ /dev/null
-#! /bin/sh
-# Copyright 2000, International Business Machines Corporation and others.
-# All Rights Reserved.
-#
-# This software has been released under the terms of the IBM Public
-# License. For details, see the LICENSE file in the top-level source
-# directory or online at http://www.openafs.org/dl/license10.html
-
-# Configuration information for AFS client
-
-# AFS_CLIENT and AFS_SERVER determine if we should start the client and or
-# the bosserver. Possible values are on and off.
-AFS_CLIENT=on
-AFS_SERVER=off
-
-# AFS client configuration options:
-LARGE="-stat 2800 -dcache 2400 -daemons 5 -volumes 128"
-MEDIUM="-stat 2000 -dcache 800 -daemons 3 -volumes 70"
-SMALL="-stat 300 -dcache 100 -daemons 2 -volumes 50"
-OPTIONS=$MEDIUM
-
-# Set to "-verbose" for a lot of debugging information from afsd. Only
-# useful for debugging as it prints _a lot_ of information.
-VERBOSE=
-
-# AFSD_OPTIONS are the options passed to afsd.
-AFSD_OPTIONS="$OPTIONS $VERBOSE"
-
-
-# Sample server preferences function. Set server preferences using this.
-# afs_serverprefs() {
-# /usr/afsws/etc/fs setserverprefs <host> <rank>
-#}
-
-# Either the name of an executable script or a set of commands go here.
-# AFS_POST_INIT=afs_serverprefs
-AFS_POST_INIT=
+++ /dev/null
-#! /bin/sh
-# Copyright 2000, International Business Machines Corporation and others.
-# All Rights Reserved.
-#
-# This software has been released under the terms of the IBM Public
-# License. For details, see the LICENSE file in the top-level source
-# directory or online at http://www.openafs.org/dl/license10.html
-
-# Configuration information for AFS client
-
-# AFS_CLIENT and AFS_SERVER determine if we should start the client and or
-# the bosserver. Possible values are on and off.
-AFS_CLIENT=off
-AFS_SERVER=on
-
-# AFS client configuration options:
-LARGE="-stat 2800 -dcache 2400 -daemons 5 -volumes 128"
-MEDIUM="-stat 2000 -dcache 800 -daemons 3 -volumes 70"
-SMALL="-stat 300 -dcache 100 -daemons 2 -volumes 50"
-OPTIONS=$MEDIUM
-
-# Set to "-verbose" for a lot of debugging information from afsd. Only
-# useful for debugging as it prints _a lot_ of information.
-VERBOSE=
-
-# AFSD_OPTIONS are the options passed to afsd.
-AFSD_OPTIONS="$OPTIONS $VERBOSE"
-
-
-# Sample server preferences function. Set server preferences using this.
-# afs_serverprefs() {
-# /usr/afsws/etc/fs setserverprefs <host> <rank>
-#}
-
-# Either the name of an executable script or a set of commands go here.
-# AFS_POST_INIT=afs_serverprefs
-AFS_POST_INIT=
+++ /dev/null
-#!/usr/bin/perl
-#
-# A perl script that checks to ensure the udebug output for a vlserver
-# claims that a quorum has been elected.
-#
-# openafs-tools, Version 1.2.2
-
-# Copyright 2002, International Business Machines Corporation and others.
-# All Rights Reserved.
-#
-# This software has been released under the terms of the IBM Public
-# License. For details, see the LICENSE file in the top-level source
-# directory or online at http://www.openafs.org/dl/license10.html
-#
-
-$serverName = $ARGV[0];
-
-$afscodeFileDir = "/usr/afs/tools/install/";
-$udebugOutput = $afscodeFileDir . "udebug.out.$$";
-
-$foundQuorum = 0;
-$recovery = 0;
-
-while( !($foundQuorum and $recovery) ) {
-
- system( "/usr/afs/bin/udebug $serverName vlserver &> $udebugOutput" ) == 0
- or (system( "rm -f $udebugOutput" ) == 0
- and die "check_udebug: the call to udebug (for server $serverName) failed or was killed\n");
-
- open( UDEBUG, "<$udebugOutput");
- @udebug = <UDEBUG>;
- close(UDEBUG);
-
- $newServerName = $serverName;
-
- foreach $line (@udebug) {
-
- # check the udebug output. if this is the sync site, we've
- # found our quorum. otherwise, if a last yes has been cast
- # we'll check if that site is the sync site. otherwise, if
- # the last yes vote has not been cast, we'll keep on
- # checking this site until it is.
- if( $line =~ m/^I am sync site(.*)/ ) {
- $foundQuorum = 1;
- } elsif( $line =~ m/^Last yes vote for ([^\s]*) .*/ ) {
- $newServerName = $1;
- } elsif( $line =~ m/^Recovery state (.*)\n$/ ) {
- if( $1 != 0 ) {
- $recovery = 1;
- }
- }
-
- }
-
- # if this isn't the sync site, try somewhere else.
- if( !$foundQuorum ) {
- $serverName = $newServerName;
- }
-
-}
-
-system( "rm -f $udebugOutput" );
-
-#return once we've found the sync site.
+++ /dev/null
-#!/bin/sh
-#
-# A command line interface to execute the installation of OpenAFS.
-#
-# openafs-tools, Version 1.2.2
-
-# Copyright 2001, International Business Machines Corporation and others.
-# All Rights Reserved.
-#
-# This software has been released under the terms of the IBM Public
-# License. For details, see the LICENSE file in the top-level source
-# directory or online at http://www.openafs.org/dl/license10.html
-#
-
-afscodeDir=/usr/afs/tools/install/
-
-firstServer=1
-addServer=2
-notServer=3
-
-isClient=1
-notClient=2
-
-if [ $# -gt 0 ]; then
-if [ $1 = "help" ]; then
-
- echo -e "OpenAFS Installation for Linux: Help Mode\n"
- echo -e "The command install_afs takes the following optional arguments. If any\nneeded information is not provided on the command line, it will be\nprompted for the user to input.\n"
- echo -e "\t-machineName (or -m) name: where name specifies\n\t the name of the machine the command is being run on"
- echo -e "\t-cellName (or -c) cell: where cell specifies the\n\t name of the home cell of this machine"
- echo -e "\t-shortCell (or -s) scell: where scell is the shortcut\n\t name desired for the home cell. Ignored if this\n\t is not the first server"
- echo -e "\t-hardDrive (or -h) hd: where hd is the device name on\n\t which to mount the first AFS partition. Ignored if this\n\t is not a server"
- echo -e "\t-serverType (or -st) type: where type can be \"first\",\n\t \"additional\", or \"not\", specifying whether this is\n\t to be the first server in a cell, an additional server\n\t for the cell, or not a server at all"
- echo -e "\t-clientType (or -ct) type: where type can be \"client\"\n\t or \"not\", specifying whether this machine is to be an\n\t AFS client or not"
- echo -e "\t-adminPassword (or -p) password: the administrative\n\t password of the cell. Ignored if this is not a server"
- echo -e "\t-existingServer (or -e) name: the name of an\n\t existing server already in the cell. Ignored if\n\t this is not an additional server"
- echo -e "\t-scriptDirectory (or -d) name: the name of the\n\t directory containing these OpenAFS installation\n\t scripts"
- echo -e "\t-krb5 (or -k): Set up Kerberos 5 authentication on this\n\t machine. Assumes this machine is a client of a Kerberos\n\t realm that has the same name as the cell being created,\n\t but all caps. Ignored if this is not a first server."
- echo -e "\t-kadminPassword (or -ka) password: the administrative\n\t password of the kerberos realm. Ignored if the -krb5\n\t flag is not set."
- echo -e "\t-noConf (or -n): Do not ask for confirmation before\n\t performing the installation."
- echo -e "\thelp: Display this help dialogue"
- echo
- exit 0
-
-fi fi
-
-# Check the state file to ensure AFS is not installed already
-if [ -r $afscodeDir/.afs_state ]; then
- read state < $afscodeDir/.afs_state
- if [ $state = "Install" ]; then
- echo -e "You have already run the OpenAFS installation program. You must uninstall OpenAFS before you install it again."
- exit 0
- fi
-fi
-
-while [ $# -gt 0 ]; do
-
- flag=$1
- if [ $# -ne 0 ]; then
- shift
- fi
- if [ $flag != "-noConf" -a $flag != "-n" -a $flag != "-krb5" -a $flag != "-k" ]; then
- val=$1
- if [ $# -ne 0 ]; then
- shift
- fi
- else
- val=1
- fi
-
- # if the value is empty
- if [ -z $val ]; then
- echo -e No value given to $flag flag. Use \"install_afs help\" for syntax.
- exit 0
- fi
- # if the value is a flag
- if [ -z ${val##-*} ]; then
- echo -e No value given to $flag flag. Use \"install_afs help\" for syntax.
- exit 0
- fi
-
- if [ $flag = "-machineName" -o $flag = "-m" ]; then
- machineName=$val
- else
- if [ $flag = "-cellName" -o $flag = "-c" ]; then
- cellName=$val
- else
- if [ $flag = "-shortCell" -o $flag = "-s" ]; then
- shortCell=$val
- else
- if [ $flag = "-hardDrive" -o $flag = "-h" ]; then
- hardDrive=$val
- else
- if [ $flag = "-scriptDirectory" -o $flag = "-d" ]; then
- scriptDir=$val
- else
- if [ $flag = "-serverType" -o $flag = "-st" ]; then
- server=$val
- if [ $val = "first" ]; then
- serverType=$firstServer
- else if [ $val = "additional" ]; then
- serverType=$addServer
- else if [ $val = "not" ]; then
- serverType=$notServer
- else
- echo -e Invalid value for -serverType flag. Use \"install_afs help\" for syntax.
- exit 0;
- fi fi fi
-
- else
- if [ $flag = "-clientType" -o $flag = "-ct" ]; then
- client=$val
- if [ $val = "client" ]; then
- clientType=$isClient
- else if [ $val = "not" ]; then
- clientType=$notClient
- else
- echo -e Invalid value for $flag flag. Use \"install_afs help\" for syntax.
- exit 0;
- fi fi
-
- else
- if [ $flag = "-adminPassword" -o $flag = "-p" ]; then
- adminPassword=$val
- else
- if [ $flag = "-existingServer" -o $flag = "-e" ]; then
- existingServer=$val
- else
- if [ $flag = "-noConf" -o $flag = "-n" ]; then
- noConf=$val
- else
- if [ $flag = "-krb5" -o $flag = "-k" ]; then
- krb5=$val
- else
- if [ $flag = "-kadminPassword" -o $flag = "-ka" ]; then
- kadminPassword=$val
- else
- echo Invalid flag $flag. Use \"install_afs help\" for syntax.
- exit 0;
- fi fi fi fi fi fi fi fi fi fi fi fi
-done
-
-# Collect variables not given:
-
-echo
-while [ -z $server ]; do
- echo -ne "Provide the server type for this machine (\"first\", \"additional\", or \"not\"),\n or hit enter to accept the default (\"first\"): "
- read server
-
- if [ -z $server ]; then
- server="first"
- fi
-
- if [ $server = "first" ]; then
- serverType=$firstServer
- else if [ $server = "additional" ]; then
- serverType=$addServer
- else if [ $server = "not" ]; then
- serverType=$notServer
- else
- echo -e Invalid value for server type. Please choose \"first\", \"additional\", or \"not\".
- server=""
- fi fi fi
-
-done
-
-while [ -z $client ]; do
- echo -ne "Provide the client type for this machine (\"client\" or \"not\"), or hit enter to\n accept the default (\"client\"): "
- read client
-
- if [ -z $client ]; then
- client="client"
- fi
-
- if [ $client = "client" ]; then
- clientType=$isClient
- else if [ $client = "not" ]; then
- clientType=$notClient
- else
- echo -e Invalid value for client type. Please choose \"client\" or \"not\".
- client=""
- fi fi
-
-done
-
-if [ $serverType -eq $notServer ]; then
- if [ $clientType -eq $notClient ]; then
- echo -e "This machine must be either a server or a client."
- exit 0
- fi
-fi
-
-while [ -z $cellName ]; do
- echo -ne "Provide the name of the cell (in the form of cellname.domainname):\n "
- read cellName
-done
-
-while [ -z $machineName ]; do
- read default < /etc/HOSTNAME
- echo -ne "Provide the name of this machine, or hit enter to accept the\n default ($default): "
- read machineName
-
- if [ -z $machineName ]; then
- machineName=$default
- fi
-
-done
-
-if [ $serverType -ne $notServer ]; then
-
- while [ -z $hardDrive ]; do
- echo -ne "Provide the name of the device on which to mount the AFS partition,\n i.e. hda5: "
- read hardDrive
- done
-
-fi
-
-if [ $serverType -eq $firstServer ]; then
-
- while [ -z $shortCell ]; do
- default=${cellName%%.*}
- echo -ne "Provide a shortcut name for your cell, or press Enter to accept the\n default ($default): "
- read shortCell
-
- if [ -z $shortCell ]; then
- shortCell=$default
- fi
-
- done
-
-fi
-
-if [ $serverType -eq $addServer ]; then
-
- while [ -z $existingServer ]; do
- echo -ne "Provide the name of the first server in this cell:\n "
- read existingServer
- done
-
-fi
-
-while [ -z $scriptDir ]; do
- default=$afscodeDir
- echo -ne "Provide the directory of this installation script, or press Enter to accept\n the default ($default): "
- read scriptDir
-
- if [ -z $scriptDir ]; then
- scriptDir=$default
- fi
-
-done
-
-if [ $serverType -ne $notServer ]; then
- while [ -z $adminPassword ]; do
- echo -ne "Provide the administrative password of this cell: "
- stty -echo echonl
- read adminPassword
- stty echo
- echo -ne "Please confirm the password: "
- stty -echo echonl
- read adminPassword2
- stty echo
-
- if [ -z $adminPassword ]; then
- echo -e "You must give a password"
- else
- if [ -z $adminPassword2 ]; then
- echo -e "You must confirm the password"
- adminPassword=""
- else
- if [ $adminPassword != $adminPassword2 ]; then
- echo -e "Passwords do not match"
- adminPassword=""
- fi fi fi
- done
-fi
-
-if [ $krb5 -ne 0 ]; then
- while [ -z $kadminPassword ]; do
- echo -ne "Provide the administrative password of the Kerberos realm: "
- stty -echo echonl
- read kadminPassword
- stty echo
- echo -ne "Please confirm the password: "
- stty -echo echonl
- read kadminPassword2
- stty echo
-
- if [ -z $kadminPassword ]; then
- echo -e "You must give a password"
- else
- if [ -z $kadminPassword2 ]; then
- echo -e "You must confirm the password"
- adminPassword=""
- else
- if [ $kadminPassword != $kadminPassword2 ]; then
- echo -e "Passwords do not match"
- kadminPassword=""
- fi fi fi
- done
-fi
-
-# Make sure the needed files exist:
-if [ $serverType -eq $addServer ]; then
- while [ ! -e $scriptDir/afs/ -o ! -e $scriptDir/afs/ThisCell -o ! -e $scriptDir/afs/CellServDB -o ! -e $scriptDir/afs/KeyFile -o ! -e $scriptDir/afs/UserList ]; do
- echo -e "Needed files in $scriptDir/afs do not exist."
- echo -e "Copy the following files from $existingServer to the specified locations:"
- echo -e "- $existingServer:/usr/afs/etc/ThisCell to $machineName:$scriptDir/afs/ThisCell"
- echo -e "- $existingServer:/usr/afs/etc/CellServDB to $machineName:$scriptDir/afs/CellServDB"
- echo -e "- $existingServer:/usr/afs/etc/KeyFile to $machineName:$scriptDir/afs/KeyFile"
- echo -e "- $existingServer:/usr/afs/etc/UserList to $machineName:$scriptDir/afs/UserList"
- echo -e "- $existingServer:/usr/vice/etc/CellServDB to $machineName:$scriptDir/vice/CellServDB"
- echo -e "Press Enter when ready"
- read anykey
- done
-fi
-if [ $serverType -ne $firstServer ]; then
- while [ ! -e $scriptDir/vice/ -o ! -e $scriptDir/vice/CellServDB ]; do
- echo "Needed file in $scriptDir/vice does not exist."
- echo -e "Copy the following file from an existing server to the specified location:"
- echo -e "- CellServDB from $cellName to $machineName:$scriptDir/vice/CellServDB"
- echo -e "Press Enter when ready"
- read anykey
- done
-fi
-echo
-echo -e "You're about to install OpenAFS with the following configuration:"
-echo -e "Machine name: $machineName"
-echo -e "Cell name: $cellName"
-if [ $serverType -eq $firstServer ]; then
- echo -e "Shortcut cell name: $shortCell"
-fi
-if [ $serverType -ne $notServer ]; then
- echo -e "Hard drive: $hardDrive"
- echo -ne "adminPassword: "
- i=0;
- while [ $i -lt ${#adminPassword} ]; do
- echo -ne "*"
- i=$[i+1]
- done
- echo
-fi
-echo -e "Server: $server"
-echo -e "Client: $client"
-if [ $serverType -eq $addServer ]; then
- echo -e "Existing server: $existingServer"
-fi
-echo -e "Script directory: $scriptDir"
-echo
-if [ -z $noConf ]; then
- echo -ne "Would you like to continue with the installation? "
- while [ -z $goAhead ]; do
- echo -ne "(y/n): "
- read goAhead
-
- if [ -z $goAhead ]; then
- :
- else
- if [ $goAhead = "n" ]; then
- echo -e "Aborting installation"
- exit 0
- else
- if [ $goAhead != "y" ]; then
- goAhead=""
- fi fi fi
-
- done
-fi
-
-#Start the installation
-
-# the directory on which the hard drive partition will be mounted:
-partition=/vicepa
-#
-#
-# the password for the afs account:
-afsPassword=$adminPassword
-#
-# Make sure the needed files exist:
-if [ $serverType -eq $addServer ]; then
- if [ ! -e $scriptDir/afs/ ]; then
- echo "Needed directory $scriptDir/afs does not exist. Aborting."
- exit 1
- fi
- if [ ! -e $scriptDir/afs/ThisCell ]; then
- echo "Needed file $scriptDir/afs/ThisCell does not exist. Aborting."
- exit 1
- fi
- if [ ! -e $scriptDir/afs/CellServDB ]; then
- echo "Needed file $scriptDir/afs/CellServDB does not exist. Aborting."
- exit 1
- fi
- if [ ! -e $scriptDir/afs/KeyFile ]; then
- echo "Needed file $scriptDir/afs/KeyFile does not exist. Aborting."
- exit 1
- fi
- if [ ! -e $scriptDir/afs/UserList ]; then
- echo "Needed file $scriptDir/afs/UserList does not exist. Aborting."
- exit 1
- fi
-fi
-if [ $serverType -ne $firstServer ]; then
- if [ ! -e $scriptDir/vice/ ]; then
- echo "Needed directory $scriptDir/vice does not exist. Aborting."
- exit 1
- fi
- if [ ! -e $scriptDir/vice/CellServDB ]; then
- echo "Needed file $scriptDir/vice/CellServDB does not exist. Aborting."
- exit 1
- fi
-fi
-# Write to the state file
-echo "Install" > $scriptDir/.afs_state
-echo "begin" >> $scriptDir/.afs_state
-#
-#
-#
-if [ $clientType -eq $isClient ]; then
- echo Configuring /etc/pam.d/login
- perl $scriptDir/write_pam.pl enable
- cd /lib/security
- echo ln -s pam_afs.so.1 pam_afs.so
- ln -s pam_afs.so.1 pam_afs.so
-fi
-#
-# Remove files installed by OpenAFS rpms that are intrusive
-echo "Removing troublesome files"
-rm -f /usr/vice/etc/ThisCell
-rm -f /usr/vice/etc/CellServDB
-#
-if [ $serverType -ne $notServer ]; then
- mkdir $partition
- echo Configuring /etc/fstab
- perl $scriptDir/write_fstab.pl $hardDrive $partition
- mount -a
-#
-#
- echo Starting the BOS server
- mkdir -p /usr/afs/etc
- if [ $serverType -eq $addServer ]; then
- # Move the needed file to /usr/afs/etc
- echo Copying /usr/afs/etc/ files for additional server
- cp -f $scriptDir/afs/ThisCell /usr/afs/etc/
- cp -f $scriptDir/afs/CellServDB /usr/afs/etc/
- cp -f $scriptDir/afs/KeyFile /usr/afs/etc/
- cp -f $scriptDir/afs/UserList /usr/afs/etc/
- fi
-#
- if [ $serverType -eq $firstServer ]; then
-
- echo /usr/afs/bin/bosserver -noauth
- /usr/afs/bin/bosserver -noauth
- echo bos setcellname $machineName $cellName -noauth
- bos setcellname $machineName $cellName -noauth
- echo bos listhosts $machineName -noauth
- bos listhosts $machineName -noauth
- echo bos addkey $machineName -key $afsPassword -kvno 0 -cell $cellName -noauth
- bos addkey $machineName -key $afsPassword -kvno 0 -cell $cellName -noauth
-
- echo bos shutdown $machineName -noauth
- bos shutdown $machineName -noauth
- bosserver_process=$(ps -Ao pid,cmd | grep boss)
- echo kill ${bosserver_process%% /*}
- kill ${bosserver_process%% /*}
-
- if [ -z $krb5 ]; then
- /usr/afs/bin/kaserver -noauth &
-
- echo Configuring kaserver
- kas create afs -initial_password $afsPassword -cell $cellName -noauth
- kas examine -name afs -cell $cellName -noauth
- kas create admin -initial_password $adminPassword -cell $cellName -noauth
- kas setfields admin -flags admin -cell $cellName -noauth
- kas examine -name admin -cell $cellName -noauth
-
- kaserver_process=$(ps -Ao pid,cmd | grep kaserver)
- echo kill ${kaserver_process%% /*}
- kill ${kaserver_process%% /*}
-
- else
-
- echo Setting up krb5
- kadmin -p admin/admin -w $kadminPassword -q "addprinc -pw $adminPassword afs"
- kadmin -p admin/admin -w $kadminPassword -q "modprinc -kvno 0 afs"
- kadmin -p admin/admin -w $kadminPassword -q "ktadd -k /etc/krb5.keytab -e des-cbc-crc:afs3 afs"
- asetkey add 1 /etc/krb5.keytab afs
- kadmin -p admin/admin -w $kadminPassword -q "ktremove -k /etc/krb5.keytab afs all"
- kadmin -p admin/admin -w $kadminPassword -q "addprinc -pw $adminPassword admin"
- kadmin -p admin/admin -w $kadminPassword -q "ktadd -k /etc/krb5.keytab admin"
-
- fi
-
- echo Bootstrapping ptserver
- echo -e "admin 128/20 1 -204 -204\nsystem:administrators 130/20 -204 -204 -204\n admin 1\n" | /usr/afs/bin/pt_util -p /usr/afs/db/prdb.DB0 -w
-
- fi
-
- /usr/afs/bin/bosserver
-
- if [ $serverType -ne $firstServer ]; then
- # Define the upclients
- echo bos create $machineName upclientetc simple "/usr/afs/bin/upclient $existingServer /usr/afs/etc" -cell $cellName -localauth
- bos create $machineName upclientetc simple "/usr/afs/bin/upclient $existingServer /usr/afs/etc" -cell $cellName -localauth
- echo bos create $machineName upclientbin simple "/usr/afs/bin/upclient $existingServer -clear /usr/afs/bin" -cell $cellName -localauth
- bos create $machineName upclientbin simple "/usr/afs/bin/upclient $existingServer -clear /usr/afs/bin" -cell $cellName -localauth
- fi
-fi
-#
-#
-if [ $serverType -eq $firstServer ]; then
-#
- echo Starting the Database Server Processes
-#
- if [ -z $krb5 ]; then
- echo bos create -server $machineName -instance kaserver -type simple -cmd /usr/afs/bin/kaserver -cell $cellName -localauth
- bos create -server $machineName -instance kaserver -type simple -cmd /usr/afs/bin/kaserver -cell $cellName -localauth
- fi
- echo bos create -server $machineName -instance buserver -type simple -cmd /usr/afs/bin/buserver -cell $cellName -localauth
- bos create -server $machineName -instance buserver -type simple -cmd /usr/afs/bin/buserver -cell $cellName -localauth
- echo bos create -server $machineName -instance ptserver -type simple -cmd /usr/afs/bin/ptserver -cell $cellName -localauth
- bos create -server $machineName -instance ptserver -type simple -cmd /usr/afs/bin/ptserver -cell $cellName -localauth
- echo bos create -server $machineName -instance vlserver -type simple -cmd /usr/afs/bin/vlserver -cell $cellName -localauth
- bos create -server $machineName -instance vlserver -type simple -cmd /usr/afs/bin/vlserver -cell $cellName -localauth
-#
- echo bos adduser $machineName admin -cell $cellName -localauth
- bos adduser $machineName admin -cell $cellName -localauth
- echo bos restart $machineName -all -cell $cellName -localauth
- bos restart $machineName -all -cell $cellName -localauth
-#
-fi
-#
-if [ $serverType -ne $notServer ]; then
- echo Starting the File Server, Volume Server, and Salvager
-#
- echo bos create $machineName fs fs /usr/afs/bin/fileserver /usr/afs/bin/volserver /usr/afs/bin/salvager -cell $cellName -localauth
- bos create $machineName fs fs /usr/afs/bin/fileserver /usr/afs/bin/volserver /usr/afs/bin/salvager -cell $cellName -localauth
-# Verify success of fs:
- echo bos status $machineName fs -long -localauth
- bos status $machineName fs -long -localauth
-#
- if [ $serverType -eq $firstServer ]; then
- # Wait for Ubik to elect a quorum
- echo Waiting for a quorum election . . .
- perl $scriptDir/check_udebug.pl $machineName
- echo vos create $machineName $partition root.afs -cell $cellName -localauth
- vos create $machineName $partition root.afs -cell $cellName -localauth
-#
- else
- vos syncvldb $machineName -cell $cellName -verbose -localauth
- vos syncserv $machineName -cell $cellName -verbose -localauth
- fi
-fi
-#
-if [ $serverType -eq $firstServer ]; then
- echo Starting the Server Portion of the Update Server
-#
- echo bos create $machineName upserver simple "/usr/afs/bin/upserver -crypt /usr/afs/etc -clear /usr/afs/bin" -cell $cellName -localauth
- bos create $machineName upserver simple "/usr/afs/bin/upserver -crypt /usr/afs/etc -clear /usr/afs/bin" -cell $cellName -localauth
-#
-#
-fi
-#
-# Installing Client Functionality
-#
-echo Defining Cell Membership for Client Processes
-#
-if [ $serverType -eq $notServer ]; then
- echo $cellName > /usr/vice/etc/ThisCell
-fi
-#
-echo Creating the Client CellServDB File
-
-cd /usr/vice/etc
-if [ $serverType -ne $firstServer ]; then
- # Move the CellServDB file to /usr/vice/etc
- cp -f $scriptDir/vice/CellServDB /usr/vice/etc
-fi
-#
-# copy correct afs setup file to etc/sysconfig
-if [ $serverType -eq $notServer ]; then
- cp -f $scriptDir/afsinit_client /etc/sysconfig/afs
-else
- cp -f $scriptDir/afsinit_both /etc/sysconfig/afs
-fi
-#
-# Overview: Completing the Installation of the First AFS Machine
-#
-echo Verifying the AFS Initialization Script
-#
-if [ $serverType -ne $notServer ]; then
- echo bos shutdown $machineName -localauth
- bos shutdown $machineName -localauth
- bosserver_process=$(ps -Ao pid,cmd | grep boss)
- echo kill ${bosserver_process%% /*}
- kill ${bosserver_process%% /*}
-fi
-
-#
-echo Continuing with Verifying ths AFS Initialization Script
-#
-echo /etc/rc.d/init.d/afs start
-/etc/rc.d/init.d/afs start
-if [ $serverType -ne $notServer ]; then
-
- if [ -z $krb5 ]; then
- # klog in as admin
- echo klog admin -password
- klog admin -password $adminPassword
- else
- kinit -t /etc/krb5.keytab admin
- aklog
- fi
-
- # verify klog worked correctly:
- echo tokens
- tokens
- # verify each process is running normally:
- echo bos status $machineName
- bos status $machineName
- cd /
- echo fs checkvolumes
- fs checkvolumes
-fi
-#
-echo Activating the AFS Initialization Script
-#
-echo /sbin/chkconfig --add afs
-/sbin/chkconfig --add afs
-cd /usr/vice/etc
-rm afs.rc afs.conf
-ln -s /etc/rc.d/init.d/afs afs.rc
-ln -s /etc/sysconfig/afs afs.conf
-#
-if [ $serverType -eq $firstServer ]; then
- echo Configuring the Top Levels of the AFS Filespace
-#
- # Wait for Ubik to elect a quorum
- echo Waiting for a quorum election . . .
- perl $scriptDir/check_udebug.pl $machineName
-
- echo fs setacl /afs system:anyuser rl
- fs setacl /afs -acl system:anyuser rl
- echo vos create $machineName $partition root.cell
- vos create $machineName $partition root.cell
- echo fs mkmount /afs/$cellName root.cell
- fs mkmount /afs/$cellName root.cell
- echo fs setacl /afs/$cellName system:anyuser rl
- fs setacl /afs/$cellName -acl system:anyuser rl
- cd /afs
- ln -s $cellName $shortCell
- echo fs mkmount /afs/.$cellName root.cell -rw
- fs mkmount /afs/.$cellName root.cell -rw
-
-# stop the client
- echo Stopping the client to replicate
- cd /
- umount /afs
- /usr/vice/etc/afsd -shutdown
-
- echo vos addsite $machineName $partition root.afs -localauth
- vos addsite $machineName $partition root.afs -localauth
- echo vos addsite $machineName $partition root.cell -localauth
- vos addsite $machineName $partition root.cell -localauth
- echo vos release root.afs -localauth
- vos release root.afs -localauth
- echo vos release root.cell -localauth
- vos release root.cell -localauth
-
- /etc/rc.d/init.d/afs stop
- # start the client again
- echo Starting client again
- /etc/rc.d/init.d/afs start
- cd /afs
-
- if [ -z $krb5 ]; then
- # klog in as admin
- echo klog admin -password
- klog admin -password $adminPassword
- else
- kinit -t /etc/krb5.keytab admin
- aklog
- kadmin -p admin/admin -w $kadminPassword -q "ktremove -k /etc/krb5.keytab admin all"
- kadmin -p admin/admin -w $kadminPassword -q "cpw -pw $adminPassword admin"
- fi
-
- # Wait for Ubik to elect a quorum
- echo Waiting for a quorum election . . .
- perl $scriptDir/check_udebug.pl $machineName
-
- echo fs examine /afs
- fs examine /afs
- echo fs examine /afs/$cellName
- fs examine /afs/$cellName
-
-fi
-fs checkvolumes
-#
-if [ $clientType -ne $isClient ]; then
-#
- echo Removing Client Functionality
-#
- # Install correct config file
- cp -f $scriptDir/afsinit_server /etc/sysconfig/afs
-#
- cd /usr/vice/etc
- ln -fs /usr/afs/etc/ThisCell ThisCell
- ln -fs /usr/afs/etc/CellServDB CellServDB
-#
- /etc/rc.d/init.d/afs stop
- /etc/rc.d/init.d/afs start
-#
-fi
-# remove the tokens
-unlog
-#
-# Write the done file
-echo "Here is a summary of what was done:<br><ul>" > $scriptDir/done.txt
-if [ $serverType -eq $firstServer ]; then
- echo "<li>Configured $machineName as the first server to the cell $cellName</li>" >> $scriptDir/done.txt
- echo "<li>Created the server processes (vlserver, buserver, kaserver, and ptserver)</li>" >> $scriptDir/done.txt
- echo "<li>Created /vicepa as a server partition</li>" >> $scriptDir/done.txt
- echo "<li>Created an admin account</li>" >> $scriptDir/done.txt
- echo "<li>Mounted a read-write version of root.cell at /afs/.$cellName</li>" >> $scriptDir/done.txt
-fi
-if [ $serverType -eq $addServer ]; then
- echo "<li>Configured $machineName as an additional server to the cell $cellName</li>" >> $scriptDir/done.txt
- echo "<li>Created the update processes, using $existingServer as the first server</li>" >> $scriptDir/done.txt
- echo "<li>Created /vicepa as a server partition</li>" >> $scriptDir/done.txt
-fi
-if [ $clientType -eq $isClient ]; then
- echo "<li>Configured $machineName as a client to the cell $cellName</li>" >> $scriptDir/done.txt
-fi
- echo "</ul><br>" >> $scriptDir/done.txt
-if [ $serverType -eq $firstServer ]; then
- echo "<br>Here are some suggestions about how to get started using your cell:<br><ul>" >> $scriptDir/done.txt
- echo "<li>Read the <a href=\"http://oss.software.ibm.com/developerworks/opensource/afs/docs.html\">OpenAFS documentation</a></li>" >> $scriptDir/done.txt
- echo "<li>Create users for your cell</li>" >> $scriptDir/done.txt
- echo "<li>Create volumes</li>" >> $scriptDir/done.txt
- echo "<li>Configure other machines to be additional servers for this cell</li>" >> $scriptDir/done.txt
- echo "<li>Make another partition (i.e. /vicepb) on which to store volumes</li>" >> $scriptDir/done.txt
- echo "<li>Mount other cells in root.afs</li>" >> $scriptDir/done.txt
- echo "</ul>" >> $scriptDir/done.txt
-fi
-# Write the state file
-echo "Install" > $scriptDir/.afs_state
-echo "complete" >> $scriptDir/.afs_state
-#
+++ /dev/null
-#!/bin/sh
-#
-# Copyright 2001, International Business Machines Corporation and others.
-# All Rights Reserved.
-#
-# This software has been released under the terms of the IBM Public
-# License. For details, see the LICENSE file in the top-level source
-# directory or online at http://www.openafs.org/dl/license10.html
-#
-# packup
-# creates rpm source file containing all the necessary files
-# for the OpenAFS command line tools. Moves to RPM source dir.
-#
-# openafs-tools, Version 1.2.2
-#
-# Directory containing installation scripts, etc.
-rootDir=../..
-mainFileDir=..
-rpmSource=/usr/src/redhat/SOURCES/
-#
-mkdir .tmpTarDir
-cd .tmpTarDir
-#
-cp $rootDir/openafs-tools-cmd.README .
-cp $mainFileDir/.afs_state afs_state
-cp $mainFileDir/afsinit_both .
-cp $mainFileDir/afsinit_client .
-cp $mainFileDir/afsinit_server .
-cp $mainFileDir/afs_uninstall .
-cp $mainFileDir/install_afs .
-cp $mainFileDir/K5_README .
-cp $mainFileDir/check_udebug.pl .
-cp $mainFileDir/write_fstab.pl .
-cp $mainFileDir/write_pam.pl .
-#
-cp $mainFileDir/unpack_cmd .
-#
-tar -cf afs_linux.tar *
-gzip -f afs_linux.tar
-cd ..
-cp .tmpTarDir/afs_linux.tar.gz .
-rm -rf .tmpTarDir
-#
-tar -cf openafs-tools-cmd.tar afs_linux.tar.gz
-rm -f afs_linux.tar.gz
-mv openafs-tools-cmd.tar $rpmSource
-chown nobody $rpmSource/openafs-tools-cmd.tar
-#
-
+++ /dev/null
-Summary: A program that can install and uninstall OpenAFS for Linux (command line only).
-Name: openafs-tools-cmd
-Version: 1.2.2
-Release: 1
-Copyright: IPL
-Packager: OpenAFS
-Group: Applications/File
-Source: openafs-tools-cmd.tar
-Conflicts: openafs-tools
-Requires: openafs, openafs-kernel, openafs-client, openafs-server
-BuildRoot: /var/tmp/%{name}-buildroot
-
-%description
-This rpm will extract and install the files needed to install and uninstall
-OpenAFS on a Linux system.
-
-%prep
-%setup -c
-gunzip afs_linux.tar.gz
-tar -xf afs_linux.tar
-
-%build
-chmod 744 unpack_cmd
-
-%install
-rm -rf $RPM_BUILD_ROOT
-./unpack_cmd
-
-%post
-%ifnos Linux
- echo -e "WARNING: Operating system is not Linux.\n openafs-tools has only been tested on Red Hat Linux, so proceed with caution."
-%endif
-if [ ! -e /usr/src/redhat ]; then
- echo -e "WARNING: This operating system may not be Red Hat Linux.\nopenafs-tools has only been tested on Red Hat, so proceed with caution."
-fi
-%ifos Linux
- ver=$(uname -r)
- verdash=${ver%%-*}
- vermaj=${verdash%.*}
- vermin=${verdash##*.}
- if [ $vermaj != "2.2" -a $vermaj != "2.4" ]; then
- echo -e "WARNING: Kernel version is not 2.2 or 2.4.\n openafs-tools-client has only been tested on kernel versions 2.2 and 2.4, so proceed with caution."
- fi
-%endif
-
-%preun
-rm -f /usr/afs/tools/install/*install_output*
-rm -rf /usr/afs/tools/install/afs
-rm -rf /usr/afs/tools/install/vice
-rm -rf /usr/afs/tools/install/done.txt
-
-%clean
-rm -rf $RPM_BUILD_ROOT
-
-%files
-%doc openafs-tools-cmd.README
-/usr/afs/tools/openafs-tools-cmd.README
-/usr/afs/tools/install/.afs_state
-/usr/afs/tools/install/afsinit_both
-/usr/afs/tools/install/afsinit_client
-/usr/afs/tools/install/afsinit_server
-/usr/afs/tools/install/afs_uninstall
-/usr/afs/tools/install/install_afs
-/usr/afs/tools/install/check_udebug.pl
-/usr/afs/tools/install/write_fstab.pl
-/usr/afs/tools/install/write_pam.pl
-%dir /usr/afs/tools/install/
-
-
-
-
+++ /dev/null
-Summary: A program that can install and uninstall OpenAFS for Linux (command line only).
-Name: openafs-tools-cmd
-Version: 1.2.5
-Release: 1
-Copyright: IPL
-Packager: OpenAFS
-Group: Applications/File
-Source: openafs-tools-cmd.tar
-Conflicts: openafs-tools
-Requires: openafs, openafs-kernel, openafs-client, openafs-server
-BuildRoot: /var/tmp/%{name}-buildroot
-
-%description
-This rpm will extract and install the files needed to install and uninstall
-OpenAFS on a Linux system.
-
-%prep
-%setup -c
-gunzip afs_linux.tar.gz
-tar -xf afs_linux.tar
-
-%build
-chmod 744 unpack_cmd
-
-%install
-rm -rf $RPM_BUILD_ROOT
-./unpack_cmd
-
-%post
-%ifnos Linux
- echo -e "WARNING: Operating system is not Linux.\n openafs-tools has only been tested on Red Hat Linux, so proceed with caution."
-%endif
-if [ ! -e /usr/src/redhat ]; then
- echo -e "WARNING: This operating system may not be Red Hat Linux.\nopenafs-tools has only been tested on Red Hat, so proceed with caution."
-fi
-%ifos Linux
- ver=$(uname -r)
- verdash=${ver%%-*}
- vermaj=${verdash%.*}
- vermin=${verdash##*.}
- if [ $vermaj != "2.2" -a $vermaj != "2.4" ]; then
- echo -e "WARNING: Kernel version is not 2.2 or 2.4.\n openafs-tools-client has only been tested on kernel versions 2.2 and 2.4, so proceed with caution."
- fi
-%endif
-
-%preun
-rm -f /usr/afs/tools/install/*install_output*
-rm -rf /usr/afs/tools/install/afs
-rm -rf /usr/afs/tools/install/vice
-rm -rf /usr/afs/tools/install/done.txt
-
-%clean
-rm -rf $RPM_BUILD_ROOT
-
-%files
-%doc openafs-tools-cmd.README
-/usr/afs/tools/openafs-tools-cmd.README
-/usr/afs/tools/install/.afs_state
-/usr/afs/tools/install/afsinit_both
-/usr/afs/tools/install/afsinit_client
-/usr/afs/tools/install/afsinit_server
-/usr/afs/tools/install/afs_uninstall
-/usr/afs/tools/install/install_afs
-/usr/afs/tools/install/K5_README
-/usr/afs/tools/install/check_udebug.pl
-/usr/afs/tools/install/write_fstab.pl
-/usr/afs/tools/install/write_pam.pl
-%dir /usr/afs/tools/install/
-
-
-
-
+++ /dev/null
-#!/bin/sh
-#
-# unpack
-# unpacks some of the necessary files for the OpenAFS command line tools.
-#
-# openafs-tools, Version 1.2.2
-#
-# Copyright 2001, International Business Machines Corporation and others.
-# All Rights Reserved.
-#
-# This software has been released under the terms of the IBM Public
-# License. For details, see the LICENSE file in the top-level source
-# directory or online at http://www.openafs.org/dl/license10.html
-#
-# Directory to put all installation scripts, etc.
-buildRoot=/var/tmp/openafs-tools-cmd-buildroot
-rootDir=$buildRoot/usr/afs/tools
-mainFileDir=$rootDir/install
-#
-mkdir -p $mainFileDir/
-#
-cp openafs-tools-cmd.README $rootDir/
-cp -f afs_state $mainFileDir/.afs_state
-cp -f afsinit_both $mainFileDir/
-cp -f afsinit_client $mainFileDir/
-cp -f afsinit_server $mainFileDir/
-cp -f afs_uninstall $mainFileDir/
-cp -f install_afs $mainFileDir/
-cp -f K5_README $mainFileDir/
-cp -f check_udebug.pl $mainFileDir/
-cp -f write_fstab.pl $mainFileDir/
-cp -f write_pam.pl $mainFileDir/
-#
-chmod 600 $mainFileDir/.afs_state
-chmod 744 $mainFileDir/afs_uninstall
-chmod 744 $mainFileDir/install_afs
-chmod a+w $mainFileDir
-#
-
-
-
-
+++ /dev/null
-#!/usr/bin/perl
-#
-# A perl script that will replace the line in /etc/fstab
-# corresponding to the device given by the first argument,
-# with a new line mounting that device to the second
-# argument, or add it if necessary.
-#
-# openafs-tools, Version 1.2.2
-
-# Copyright 2001, International Business Machines Corporation and others.
-# All Rights Reserved.
-#
-# This software has been released under the terms of the IBM Public
-# License. For details, see the LICENSE file in the top-level source
-# directory or online at http://www.openafs.org/dl/license10.html
-#
-
-open( FSTAB, "</etc/fstab");
-@fstab = <FSTAB>;
-close(FSTAB);
-
-open( FSTAB, ">/etc/fstab");
-
-$replaced = 0;
-
-foreach $line (@fstab) {
- @splitline = split(/\s+/, $line);
- if( $splitline[0] eq "/dev/$ARGV[0]" ) {
- print FSTAB "/dev/$ARGV[0]\t\t$ARGV[1]\t\t\text2\tdefaults 0 2\n";
- $replaced = 1;
- } else {
- print FSTAB $line;
- }
-}
-
-if( $replaced == 0 ) {
- print FSTAB "/dev/$ARGV[0]\t\t$ARGV[1]\t\t\text2\tdefaults 0 2\n";
-}
+++ /dev/null
-#!/usr/bin/perl
-#
-# A perl script that will enable or disable
-# AFS login on a machine, depending on the
-# first argument to the script.
-#
-# openafs-tools, Version 1.2.2
-
-# Copyright 2001, International Business Machines Corporation and others.
-# All Rights Reserved.
-#
-# This software has been released under the terms of the IBM Public
-# License. For details, see the LICENSE file in the top-level source
-# directory or online at http://www.openafs.org/dl/license10.html
-#
-
-open( LOGIN, "</etc/pam.d/login");
-@login = <LOGIN>;
-close(LOGIN);
-
-open( LOGIN, ">/etc/pam.d/login");
-
-if( $ARGV[0] eq "enable" ) {
-
- $enabled == 0;
-
- foreach $line (@login) {
- @splitline = split( /\s+/, $line);
- # only enable if: it's directly before the pwdb line (without the "shadow nullock",
- # it hasn't been enabled yet in this script
- if( $splitline[2] eq "/lib/security/pam_pwdb.so" && $splitline[3] eq "" && $enabled == 0 ) {
- print LOGIN "auth\t sufficient\t/lib/security/pam_afs.so try_first_pass ignore_root\n";
- $enabled = 1;
- }
- # If you encounter the line, turn enabled on
- if( $splitline[2] eq "/lib/scurity/pam_afs.so" ) {
- $enabled = 1;
- }
- print LOGIN $line;
- }
-
-} else {
-
- foreach $line (@login) {
- @splitline = split( /\s+/, $line);
- if( $splitline[2] ne "/lib/security/pam_afs.so" ) {
- print LOGIN $line;
- }
-
- }
-
-}
-
-
+++ /dev/null
-## OpenAFS Tools Documentation ##
-## A collection of open source programs and interfaces designed ##
-## to ease the configuration and maintenance of OpenAFS. ##
-##
-## Copyright 2001, International Business Machines Corporation and others.
-## All Rights Reserved.
-##
-## This software has been released under the terms of the IBM Public
-## License. For details, see the LICENSE file in the top-level source
-## directory or online at http://www.openafs.org/dl/license10.html
-##
-## openafs-tools, Version 1.2.5 ##
-
-####################### TABLE OF CONTENTS ###########################
-
-1) Overview
-2) System configuration requirements
- a) OS
- b) OpenAFS
- c) OpenAFS Tools
-3) Usage
- a) OpenAFS Installation
- b) OpenAFS Uninstallation
-4) Implementation
- a) OpenAFS Installation
- b) OpenAFS Uninstallation
-5) Known Problems
-6) Future Expansion
-
-######################## 1) OVERVIEW ################################
-
- The Tools use shell and Perl scripts. So far, they has been tested
-only on Red Hat Linux 6.2 and 7.1 machines, running kernels 2.2 or 2.4.
- As of this version, OpenAFS Tools has two functions:
-installing OpenAFS, and uninstalling OpenAFS.
- We hope that you enjoy using and developing these tools, and
-that they enhance the popularity and use of OpenAFS. If you have
-any questions, comments or suggestions, please send them to the
-OpenAFS mailing lists.
-
-############# 2) SYSTEM CONFIGURATION REQUIREMENTS ##################
-
-a) OS
- OpenAFS Tools has been developed and tested on machines running
-Red Hat Linux 6.2 and 7.1, with kernel version 2.2 or 2.4. It may
-or may not run well on other versions of Linux or other kernel
-versions -- use caution when using them with other setups.
-
-b) OpenAFS
- Finally, you need to download and install the OpenAFS 1.2.2 RPMs
-for Red Hat Linux from http://www.openafs.org. The files you need
-are:
- Red Hat 6.2:
- openafs-kernel-1.2.2-rh6.2.1.i386.rpm
- openafs-1.2.2-rh6.2.1.i386.rpm
- openafs-client-1.2.2-rh6.2.1.i386.rpm
- openafs-server-1.2.2-rh6.2.1.i386.rpm
- Red Hat 7.1:
- openafs-kernel-1.2.2-rh7.1.1.i386.rpm
- openafs-1.2.2-rh7.1.1.i386.rpm
- openafs-client-1.2.2-rh7.1.1.i386.rpm
- openafs-server-1.2.2-rh7.1.1.i386.rpm
-Once these are downloaded, install them (using an rpm -i or rpm -U
-command).
-
-c) OpenAFS Tools
- Now all that's left to do is install the OpenAFS Tools rpm. The
-file you need is openafs-tools-1.2.2-1.i386.rpm. Install it using
-an rpm -i or rpm -U command. This will create several directories
-and populate your system with necessary files. The main directories
-created and populated is:
- /usr/afs/tools/install/
-Now you should be ready to get started.
-
-########################## 3) USAGE #################################
-
-a) OpenAFS Installation
-
- Execute the /usr/afs/tools/install/install_afs command.
-It can take a variety of arguments to specify how you would like
-to set the machine up. If you do not specify needed arguments
-on the command line, you will be prompted for them interactively.
-To get a rundown on how to use install_afs, execute:
- /usr/afs/tools/install/install_afs help
-
-If you are creating an additional server or not a server, OpenAFS
-Tools will ensure that you have all the required files on your
-system. These are files needed by the OpenAFS installation program
-to connect you to cells that already exist. You must get these files
-manually from an existing server, as we have not yet implemented
-a secure way of doing this automatically. For additional servers,
-the files you need to copy are:
- - Copy the /usr/afs/etc/ThisCell file from the existing server
-to /usr/afs/tools/install/afs/ThisCell on your machine.
- - Copy the /usr/afs/etc/CellServDB file from the existing server
-to /usr/afs/tools/install/afs/CellServDB on your machine.
- - Copy the /usr/afs/etc/KeyFile file from the existing server
-to /usr/afs/tools/install/afs/KeyFile on your machine.
- - Copy the /usr/afs/etc/UserList file from the existing server
-to /usr/afs/tools/install/afs/UserList on your machine.
- - Copy the /usr/vice/etc/CellServDB file from the existing server
-to /usr/afs/tools/install/vice/CellServDB on your machine.
-
- For client-only installation, you need the following file:
- - Copy the /usr/vice/etc/CellServDB file from the existing server
-to /usr/afs/tools/install/vice/CellServDB on your machine.
-
-b) OpenAFS Uninstallation
-
- The uninstallation program is very simple. Just run
- /usr/afs/tools/install/afs_uninstall
-It does not accept any arguments and will not prompt you for
-anything. Be forewarned, however: this will uninstall OpenAFS from
-your system and delete any information served from that machine in
-OpenAFS filespace. You should also restart your machine after
-running the command, to avoid potential problems with future OpenAFS
-installations.
-
-##################### 4) IMPLEMENTATION #############################
-
- This section will focus on the details of the implementation of
-OpenAFS tools. It will outline the code and file structure of the
-package, and will document the choices made during implementation, so
-that someone working on the code can have a better understanding for
-what's there already.
-
-a) OpenAFS Installation
-
- The files involved in OpenAFS installation are:
-
- - Possible AFS configuration files (/etc/sysconfig/afs):
- /usr/afs/tools/install/afsinit_both
- /usr/afs/tools/install/afsinit_server
- /usr/afs/tools/install/afsinit_client
- - Checking the state of OpenAFS on the system:
- /usr/afs/tools/install/.afs_state
- - Command line installation:
- /usr/afs/tools/install/install_afs
- - Perl scripts:
- /usr/afs/tools/install/check_udebug.pl
- /usr/afs/tools/install/write_fstab.pl
- /usr/afs/tools/install/write_pam.pl
-
-What follows is a brief summary of the installation process.
- - Installation starts with the script install_afs. The first thing
-it does is ensure that the files needed for setting up additional
-servers and/or clients exist in the appropriate places (see section
-3.a for a description of these files). Then, after indicating to
-the state file that installation has begun, it begins installing
-OpenAFS.
- - For clients, it then enables Pam Login Authentication using
-the write_pam.pl program to change the /etc/pam.d/login file.
- - For servers, it will alter the /etc/fstab file via the
-write_fstab.pl program, mounting the user-specified hard drive to
-the /vicepa directory.
- - For additional servers, it now copies the required
-files from the /usr/afs/tools/install/afs directory to the
-/usr/afs/etc directory, and defines the upclient processes,
-which will periodically update the server's /usr/afs/bin and
-/usr/afs/etc directories based on those directories on the first
-server in the cell.
- - A first server must then briefly start up a bosserver with
-the noauth flag in order to create the keyfile and set the cell
-name. It immediately shuts down the bosserver when this is down.
-Next, it uses a kaserver with noauth to initialize cell security.
-This involves creating two user accounts: afs and admin. afs is an
-account for the server processes and will not be needed by the user.
-Currently we use the administrative password for the afs account
-password. The admin account is now added to the bos server database
-and a pts entry is created as well. Also, the afs account password
-is added as a key for the server. The kaserver process is terminated.
-The pts database is then bootstrapped to add the administrator to it.
- - For first servers, a normal bosserver is started. It then
-creates the database server processes (kaserver, buserver, ptserver,
-and vlserver).
- - The file server, volume server, and salvager processes are now
-started for servers.
- - Next the root.afs volume is created for first servers, and on
-additional servers the vldb is synced up.
- - On a first server, the upserver process is then defined.
- - Next the /usr/vice/etc/ThisCell file is created on a non-server
-machine, and for non-first-servers the /usr/vice/etc/CellServDB file
-is copied from its location at /usr/afs/tools/install/vice.
- - The correct AFS setup file is copied to /etc/sysconfig/.
- - Now the bosserver process is killed for server machines.
- - The next thing it does is initialize afs (/etc/rc.d/init.d/afs),
-and for servers it klogs in as admin.
- - Then it activates the OpenAFS initialization script by running
-/sbin/chkconfig --add afs.
- - Next a first server will configure the OpenAFS file space.
-Before doing this, however, it must first wait until a quorum has
-been elected. After the check, the root.cell volume is created,
-it is mounted at /afs/<cell_name>, and the permissions are set
-on both it and /afs as read and lookup for any user. A read-write
-version of root.cell is mounted at /afs/.<cell_name>. Replication
-sites for both root.afs and root.cell are added.
- - If necessary, client functionality is removed.
- - Lastly, a done.txt file is written explaining what has been done
-and what comes next, for use by the web interface. The state file
-is notified that installation is complete, and then the script ends.
-
-b) OpenAFS Uninstallation
-
- Uninstallation has only one file:
- /usr/afs/tools/install/afs_uninstall
-Here is a brief summary of what it does to uninstall OpenAFS:
- - First it indicates to the state file that uninstallation has
-begun.
- - Then it kills whatever bos server processes may be running.
- - Next, it deletes everything stored in an AFS partition directory
-( i.e. vicep*).
- - It deletes the links to any initialization scripts in the startup
-directories (/etc/rc.d/rc*.d/*afs*)
- - It removes the PAM afs file, and reconfigures the PAM login file
-to not have integrated AFS logon.
- - It deletes the db, etc, local, and logs directories from
-/usr/afs.
- - Next it removes unnecessary files from /usr/vice/etc.
- - Then it deletes everything from the cache (/usr/vice/cache).
- - Finally, it informs the state file that uninstallation is
-complete.
-
-##################### 5) KNOWN PROBLEMS #############################
-
- We have encountered a few problems along the way, and wanted to
-document them as such.
- - Be careful when installing something without client
-functionality. This seems to require an extra reboot of the
-machine. After installing OpenAFS, restart your machine again,
-and that should get it working properly.
- There very well be some other problems that we haven't
-yet encountered. If you encounted such a problem, please send a
-description to openafs-devel@openafs.org
-
-#################### 6) FUTURE EXPANSION ############################
-
- There is a lot of room for developing this package into something
-very useful, and we would like to make a few suggestions for future
-additions/fixes to the code.
- - Allow ways to authenticate other than the kaserver, such as krb5.
- - Find a secure, automatic way to transfer files from a server
-machine to a machine that is to be set up as an additional server or
-a client, rather then require the manual tranferral of those files.
- - Agree on a standard way to set up the filespace of a cell, as in
-where to put the user volumes, etc., so that this can all be done
-automatically by the scripts.
- - Port this code to other operating systems to make it more
-widely useful.
- - Resolve all "Known Problems" (see section 5).
- - Test, test, test.
projects / packages / o / openafs.git / commitdiff