The information on this page applies to Linux only

It may be applicable with some modifications to OS X, too.

The Stuff

CSL uses AFS for all file storage. This is already set up on every CSL supported machine, but it can also be handy if you have a laptop in the department.

Note: You can use it from home, too, but the performance is usually somewhere between dismal and offensive. For remote usage, Fuse/SSHFS is often a better solution. This requires FUSE (Filesystems in User SpacE) support in your kernel or as a module, but nothing else.

Installation

Kerberos

The first step is to set up Kerberos support on your computer. To begin, install mit-krb5 (website). It would be a good idea to make sure you also enable the optional Kerberos v4 support with this, just in case.

• For Gentoo, emerge mit-krb5

• Other distros, add your commands!

This next step is optional, but it can be useful to tame the temporary files that Kerberos generates. In your shell profile file (~/.bash_profile for bash users), set the environment variables

• KRB5CCNAME=$HOME/.krb/krb5cc
• KRBTKFILE=$HOME/.krb/tkt

By default, these files are placed in /tmp. If your /tmp is on tmpfs (like it should be), your Kerberos tickets disappear every time you reboot. Storing them in $HOME and requesting tickets for long periods of time is just helpful (you can re-authenticate less frequently).

OpenAFS

Next, install the openafs-client using your Linux distribution's package manager. This includes some client programs and the AFS kernel module.

• For Gentoo, emerge net-fs/openafs

• People with other distros, add information here!

• If your distro does not support OpenAFS, the official website has source packages.

On a CSL box, cd /var/vice/etc and copy the following files to /etc/openafs (or the equivalent for your distro) on your laptop:

• cacheinfo
• CellServDB

• ThisCell

Optional: Modify the number at the end of the line in cacheinfo to reflect the number of bytes that you wish to dedicate to the local AFS file cache. A few gigabytes work really well if you have the space.

Usage

Whenever you actually want to access AFS, start the openafs-client daemons in whatever manner your distro provides (typically something like /etc/init.d/openafs-client start). This automatically creates /afs without any input from you (the actual mount point is specified in /etc/openafs/cacheinfo. The default is /afs). If you anticipate using this all the time, you can add it to the set of daemons started by your distro.

The following commands are also required:

• kinit -f requests a forwardable Kerberos ticket. If you are not in the CS building (and not on the wireless network) you will probably have to specify a full hostname: kinit -f username@CS.WISC.EDU (the caps are important). You can also request a ticket with a specific lifetime with the -l flag. For example, -l10d requests a ticket for ten days.

• aklog registers you with the AFS cell using your Kerberos ticket (granting you access to your own files).

Assuming I didn't miss any steps, you should now be ready to have fun.