SPONSORED LINKS
Random tips:
Enable dynroot and fakestat, disable nosettime, for performance: -chunksize 20; cache on ext2/ext3 only; -afsdb to use AFSDB DNS records
To make AFS attach /vicepa even if it's not a filesystem mount point: touch /vicepa/AlwaysAttach
A quick fix for cache corruption: fs flush and/or fs flushv
Backup sol$autions: amanda-afs, bacula (see Turbo's /scripts/)
Load AFS metadata into SQL: link
Can't get pags anymore or pagsh doesn't work? How many groups are you in?
/usr/include/limits.h:#define NGROUPS_MAX 16
Use CellAlias file for 'shortcut' cell names.
Out of space but there's plenty of free disk?
The directory structure contains 64K slots. filenames under 16 chars occupy 1 slot. filenames between 16 and 32 chars occupy 2 slots filenames between 33 and 48 chars occupy 3 slots, and on
For a diskless AFS root: Load openafs.ko and afsd -memcache from an initrd, remount AFS as / or chroot to it, then mount a tmpfs over /dev and populate it (or use udev). Anywhere else where a device node, socket or fifo is required, mount a tmpfs.
To debug cache manager: cmdebug writebehind in AFS client allows close() to return before the file has been flushed to the server
Access AFS from inside a chroot:
@sys must be at the END of the link name for the substitution to work correctly.
Windows clients: MIT KFW 2.6.5. There should be no reason to use Wake anymore
ACLs are limited to 20 entries.
Users can create up to 20 groups by default. To increase: pts setf username -groupq (some number larger than 20, 0 is infinity)
AFS servers support only the des-cbc-crc, des-cbc-md4, and des-cbc-md5
enctypes, so you will need to make sure that the AFS service principal has keys
only for those enctypes.
The kdump program allows the System Administrator to gather detailed information about the internal structures of a cache manager when a problem occurs.
You can use the hidden vos offline command to set a volume offline.
If client cache becomes corrupted:
it is recommended that applications which scan entire directories
(like programs reading a maildir) read the entire list of files from readdir
and then sort the results by inode number before starting to access files.
you can recreate the prdb just as if you were building a new cell. remove
/usr/afs/db/prdb.* and go through the new cell steps for prdb (using
noauth) or use pt_util to create a new one.
I recommend making regular backups of the prdb,
because its contents are critical to the correct functioning of the ACL
system. If you have to recreate the prdb from scratch, you may be able to
reconstruct local users' ID's from other sources, but you are not going to
be able to recover the ID's of groups, foreign users, and non-null
instances (any of which may appear on ACL's) and you will not be able to
recover group memberships.
Backtracing the threaded fileserver: (gdb) thread apply all where
mount -o bind /afs /chroot1/afs
mount -o bind /afs /chroot2/afs
The easiest way to flush a cache is, as root, to:
fs setca 1
fs setca 0
The first will try to reduce the size of the cache to 1 block. This
won't literally happen, but it'll likely go down below 100.
The latter will set your cache size back to the default set in the
cacheinfo file.
If that doesn't work, you will have to reboot. The best way to clean
the cache out completely is to remove the file
/usr/vice/cache/CacheItems and reboot.
#!/bin/sh
# Perform nightly pts database backups
if [ "x`/bin/hostname`" = xcucumber.srv.cs.cmu.edu ] ; then
dbdir=/usr/afs/db
ptutil=/usr/afs/bin/pt_util
else
dbdir=/var/openafs/db
ptutil=/usr/local/sbin/pt_util
fi
dbfile=$dbdir/prdb.DB0
tmpfile=$dbdir/prdb.tmp
dumpfile=$dbdir/prdb.dump
rm -f $tmpfile
$ptutil -ugm -p $dbfile -d $tmpfile || exit
mv $tmpfile $dumpfile