UNC AFS Installation Guide
for Mac OS X 10.1 and Mac OS X 10.2
Summary of Procedures
Follow these steps to load the openafs package:
1. Go to
http://www.openafs.org/release/latest.html
2. Under the MacOS X 10.1 (MacOS X 10.2) section, click on the OpenAFS.pkg.tar link.
3. After the package has downloaded, double-click the AFS install icon
on your desktop. You will be asked a few inconsequential questions.
Installation takes about a minute.
Before you can modify files, you need to enable the root user on your machine. If you do not have a root user (from a terminal window you cannot su to root), startup the NetInfo utility by invoking:
Finder --> Applications --> Utilities --> NetInfo Manager
1. Click the lock button in the NetInfo manager window
2. Enter the name and password of an admin user; click OK
3. Choose Security from the Domain menu; then choose Enable Root User from the submenu
4. Enter the root password you wish to use and click Set
5. Enter the password again for verification and click Verify
6. Click the lock button again to prevent changes
7. Finally, open up a Terminal window and su to root.
Three files need to be modified on the Mac to allow openafs to talk to our local AFS cell.
# cd /private/var/db/openafs/etc
1. Create a file named ThisCell that contains the single line:
isis.unc.edu
2. Add the below lines to the beginning of the file named CellServDB:
>isis.unc.edu # University of North Carolina Project Isis
152.2.1.5 #db0.isis.unc.edu
152.2.1.6 #db1.isis.unc.edu
152.2.1.7 #db2.isis.unc.edu
# cd /private/var/db/openafs/etc/config
3. Create a file named afsd.options that contains the single line:
-stat 2000 -dcache 800 -daemons 3 -volumes 70 -rootvol root.afs
4. Create the following symbolic links:
# mkdir -p /usr/afsws
# ln -s /usr/bin /usr/afsws/bin
# ln -s /usr/bin/sed /bin/sed
Reboot your Mac. When it comes up, you should have an AFS icon on your desktop. You can double-click that to get access to AFS space. Alternatively, you can start up a Terminal window. AFS space appears under /afs.
At this point you have access to AFS space, but you don't have permission to your own personal space (most of the folders in your home directory have red minus signs through them). This is because your Mac uid is not the same as your AFS uid. You will need to make them match.
1. If your username on the Mac is NOT the same as your onyen, you need to create a new user account on your Mac that has the same name as your onyen. You then need to add that user to the groups you currently belong to on your Mac. (If your Mac username is the same as your onyen, you can skip this step.)
(a) Open up the Users System Preferences:
System Preferences --> Users --> New User
Create a new user with the same name as your onyen.
(b) Open up a Terminal window.
Type:
/usr/bin/id
It will print a list of the groups you currently belong to.
(c) Open up the NetInfo utility's group pane:
Finder --> Applications --> Utilities --> NetInfo Manager --> Groups
Click the lock icon in the lower left-hand corner and enter your admin passwd so that you can make changes.
Add your onyen to all of your current Mac groups.
(d) From a Terminal window copy over all of your files from your old Mac username directory to the account you just created:
% su
# cp -pR /Users/<old Mac username>/* /Users/<onyen>
(e) Log out and log back in under your onyen.
2. Change the uid of the onyen user on the Mac to match your AFS uid:
Open up the NetInfo utility user's pane:
Finder --> Applications --> Utilities --> NetInfo Manager --> users
Click the lock icon in the lower left-hand corner and enter your admin passwd so that you can make changes.
Double-click on your onyen.
Change the following value:
uid to be the same as your AFS uid
(Your AFS uid can be found from the Terminal window with the command:
/usr/bin/pts examine <onyen>
In the id: <number> field, <number> is your AFS uid. And be sure to write down your current Mac uid, since you'll need to provide it in the next step.)
3. Change ownership of your files on the Mac to your AFS uid:
Open up a Terminal window and type:
% su
# find / -xdev -user <old Mac username uid> -print -exec chown <AFS uid> {} \;
This could take a few minutes to complete, depending on how big your system is; be patient! When find has finished its work, exit the su session and then issue a klog command to be sure you have a token:
# exit
% klog
NOTE: There is an OS 10.* bug in the Terminal that results in echoing being turned off after you klog. To fix this type:
% reset
or
% stty sane
Make sure you can access your AFS filespace through the GUI (the AFS icon on your desktop).
NOTE: When you log in the first time after a reboot you won't have a token. You will need to klog to get a token. Tokens are preserved when you log out and back in, however.
If you wish your home directory to be the same as your AFS home directory, you need to tell the Mac your home directory resides in AFS space. The cd command will then take you to your AFS home directory. ipm will work the same as on any DCI supported platform. (If you wish to change your default shell from tcsh to bash you can do that now, too.)
Open up NetInfo Manager User's pane as above. Access your onyen username entry and change the following value:
home to be the pathname to your AFS home directory.
You can determine your AFS home directory by invoking the following command from a Terminal window:
% grep ^<your onyen>: /afs/isis/common/prop/users | awk -F: '{print $6}'
In a Terminal window, create the following symbolic links:
% cd <your AFS home directory>
% ln -s /Users/<your_user_name>/Desktop
% ln -s /Users/<your_user_name>/Documents
% ln -s /Users/<your_user_name>/Library
% ln -s /Users/<your_user_name>/Music
% ln -s /Users/<your_user_name>/Pictures
If the /usr/bin/perl executable does not exist on your machine, you need to link to perl in AFS space. As root:
# cd /usr/bin
# ln -s /afs/isis/pkg/perl/bin/perl
If you wish your default shell to be bash do the following:
1. Copy /afs/isis/pkg/bash/bin/bash to /bin/bash
2. Set the value of shell in your NetInfo username entry to /bin/bash
3. Open up the Terminal program. Go to Terminal --> Preferences. Click on Shell. Click on "Use default login shell for this user".
Make sure ipm is accessing the correct cache files, e.g.
% ipm q should list all the packages you are currently subscribed to.
If you created a new Mac user account in step 1 above, you may want to delete the old one at some point. It's best to keep it around until you are sure that everything is working correctly. At that point you can delete the old account as follows:
Open up the Users System Preferences:
System Preferences --> Users
Click the lock icon in the lower left-hand corner and enter your admin passwd so that you can make changes.
Click on your old Mac username.
Click the Delete button.
The Mac uses the NetInfo database as a password file instead of /etc/passwd. You add new users to the NetInfo database using the nidump and niload commands. For example, as root:
# cd /tmp
# nidump passwd . > passwd.new
This will dump the contents of the NetInfo passwd table into passwd.new. Edit passwd.new to add users, e.g. to add user smith you would add a line something like:
smith::12434:200:0:0::Joe Smith:/afs/isis.unc.edu/home/s/m/smith:/bin/bash
Load the file back into the Netinfo database with the command:
# niload passwd . < passwd.new
smith will now be able to log onto your machine with his home directory set to AFS space.
To modify a password entry, edit the file passwd.new to make the necessary changes, and load it into the NetInfo database with the command:
# niload -d passwd . < passwd.new
Note that the fifth and sixth fields of the Mac password line (0:0) are unique to the Mac platform; they specify password expiration times. We don't use this feature so leave them set to 0.
Maintained by: dci@unc.edu
URL: http://its.unc.edu/dci/dci_components/afs/install/afs-solaris8.html
Last Updated: January 28, 2003