SPONSORED LINKS
Here are some useful links for AFS management:

Random tips:

Enable dynroot and fakestat, disable nosettime, for performance: -chunksize 20; cache on ext2/ext3 only; -afsdb to use AFSDB DNS records

To make AFS attach /vicepa even if it's not a filesystem mount point: touch /vicepa/AlwaysAttach

A quick fix for cache corruption: fs flush and/or fs flushv

Backup sol$autions: amanda-afs, bacula (see Turbo's /scripts/)

Load AFS metadata into SQL: link

Can't get pags anymore or pagsh doesn't work? How many groups are you in?

/usr/include/limits.h:#define   NGROUPS_MAX     16

Use CellAlias file for 'shortcut' cell names.

Out of space but there's plenty of free disk?

The directory structure contains 64K slots.
filenames under 16 chars occupy 1 slot.
filenames between 16 and 32 chars occupy 2 slots
filenames between 33 and 48 chars occupy 3 slots, and on

For a diskless AFS root: Load openafs.ko and afsd -memcache from an initrd, remount AFS as / or chroot to it, then mount a tmpfs over /dev and populate it (or use udev). Anywhere else where a device node, socket or fifo is required, mount a tmpfs.

To debug cache manager: cmdebug -long

writebehind in AFS client allows close() to return before the file has been flushed to the server

Access AFS from inside a chroot:

mount -o bind /afs /chroot1/afs
mount -o bind /afs /chroot2/afs

@sys must be at the END of the link name for the substitution to work correctly.

Windows clients: MIT KFW 2.6.5. There should be no reason to use Wake anymore

ACLs are limited to 20 entries.

Users can create up to 20 groups by default. To increase: pts setf username -groupq (some number larger than 20, 0 is infinity)

AFS servers support only the des-cbc-crc, des-cbc-md4, and des-cbc-md5 enctypes, so you will need to make sure that the AFS service principal has keys only for those enctypes.

The kdump program allows the System Administrator to gather detailed information about the internal structures of a cache manager when a problem occurs.

You can use the hidden vos offline command to set a volume offline.

If client cache becomes corrupted:

The easiest way to flush a cache is, as root, to:
fs setca 1
fs setca 0

The first will try to reduce the size of the cache to 1 block. This
won't literally happen, but it'll likely go down below 100.

The latter will set your cache size back to the default set in the
cacheinfo file.

If that doesn't work, you will have to reboot.  The best way to clean
the cache out completely is to remove the file
/usr/vice/cache/CacheItems and reboot.

it is recommended that applications which scan entire directories (like programs reading a maildir) read the entire list of files from readdir and then sort the results by inode number before starting to access files.

you can recreate the prdb just as if you were building a new cell. remove /usr/afs/db/prdb.* and go through the new cell steps for prdb (using noauth) or use pt_util to create a new one.

I recommend making regular backups of the prdb, because its contents are critical to the correct functioning of the ACL system. If you have to recreate the prdb from scratch, you may be able to reconstruct local users' ID's from other sources, but you are not going to be able to recover the ID's of groups, foreign users, and non-null instances (any of which may appear on ACL's) and you will not be able to recover group memberships.

#!/bin/sh
# Perform nightly pts database backups

if [ "x`/bin/hostname`" = xcucumber.srv.cs.cmu.edu ] ; then
  dbdir=/usr/afs/db
  ptutil=/usr/afs/bin/pt_util
else
  dbdir=/var/openafs/db
  ptutil=/usr/local/sbin/pt_util
fi

dbfile=$dbdir/prdb.DB0
tmpfile=$dbdir/prdb.tmp
dumpfile=$dbdir/prdb.dump

rm -f $tmpfile
$ptutil -ugm -p $dbfile -d $tmpfile || exit
mv $tmpfile $dumpfile

Backtracing the threaded fileserver: (gdb) thread apply all where