1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
5 >AFS Administration Guide</TITLE
8 CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
10 TITLE="About This Guide"
11 HREF="f24.html"></HEAD
30 >AFS Administration Guide</A
37 >Copyright © 2000 IBM Corporation. All Rights Reserved</P
45 >This edition applies to: <TABLE
50 >IBM AFS for AIX, Version 3.6</TD
54 >IBM AFS for Digital Unix, Version 3.6</TD
58 >IBM AFS for HP-UX, Version 3.6</TD
62 >IBM AFS for Linux, Version 3.6</TD
66 >IBM AFS for SGI IRIX, Version 3.6</TD
70 >IBM AFS for Solaris, Version 3.6</TD
76 >and to all subsequent releases and modifications until otherwise
77 indicated in new editions.This softcopy version is based on the printed
78 edition of this book. Some formatting amendments have been made to make
79 this information more suitable for softcopy.</P
99 HREF="f24.html#HDRWQ1"
100 >Audience and Purpose</A
104 HREF="f24.html#HDRWQ2"
105 >Document Organization</A
109 HREF="f24.html#HDRWQ3"
110 >How to Use This Document</A
114 HREF="f24.html#HDRWQ4"
115 >Related Documents</A
119 HREF="f24.html#HDRTYPO_CONV"
120 >Typographical Conventions</A
127 >Concepts and Configuration Issues</A
134 >An Overview of AFS Administration</A
140 HREF="c130.html#HDRWQ6"
141 >A Broad Overview of AFS</A
145 HREF="c130.html#HDRWQ7"
146 >More Detailed Discussions of Some Basic Concepts</A
150 HREF="c130.html#HDRWQ17"
151 >AFS Server Processes and the Cache Manager</A
158 >Issues in Cell Configuration and Administration</A
164 HREF="c667.html#HDRWQ30"
165 >Differences between AFS and UNIX: A Summary</A
169 HREF="c667.html#HDRWQ34"
170 >Choosing a Cell Name</A
174 HREF="c667.html#HDRWQ36"
175 >Participating in the AFS Global Namespace</A
179 HREF="c667.html#HDRWQ41"
180 >Configuring Your AFS Filespace</A
184 HREF="c667.html#HDRWQ44"
185 >Creating Volumes to Simplify Administration</A
189 HREF="c667.html#HDRWQ51"
190 >Configuring Server Machines</A
194 HREF="c667.html#HDRWQ54"
195 >Configuring Client Machines</A
199 HREF="c667.html#HDRWQ57"
200 >Configuring AFS User Accounts</A
204 HREF="c667.html#HDRWQ61"
205 >Using AFS Protection Groups</A
209 HREF="c667.html#HDRWQ63"
210 >Login and Authentication in AFS</A
214 HREF="c667.html#HDRWQ71"
215 >Security and Authorization in AFS</A
219 HREF="c667.html#HDRWQ77"
220 >Backing Up AFS Data</A
224 HREF="c667.html#HDRWQ78"
225 >Using UNIX Remote Services in the AFS Environment</A
229 HREF="c667.html#HDRWQ79"
230 >Accessing AFS through NFS</A
239 >Managing File Server Machines</A
246 >Administering Server Machines</A
252 HREF="c3025.html#HDRWQ81"
253 >Summary of Instructions</A
257 HREF="c3025.html#HDRWQ83"
258 >Local Disk Files on a Server Machine</A
262 HREF="c3025.html#HDRWQ90"
263 >The Four Roles for File Server Machines</A
267 HREF="c3025.html#HDRWQ101"
268 >Administering Database Server Machines</A
272 HREF="c3025.html#HDRWQ110"
273 >Installing Server Process Software</A
277 HREF="c3025.html#HDRWQ118"
278 >Maintaining the Server CellServDB File</A
282 HREF="c3025.html#HDRWQ123"
283 >Managing Authentication and Authorization Requirements</A
287 HREF="c3025.html#HDRWQ130"
288 >Adding or Removing Disks and Partitions</A
292 HREF="c3025.html#HDRWQ138"
293 >Managing Server IP Addresses and VLDB Server Entries</A
297 HREF="c3025.html#HDRWQ139"
298 >Rebooting a Server Machine</A
305 >Monitoring and Controlling Server Processes</A
311 HREF="c6449.html#HDRWQ143"
312 >Summary of Instructions</A
316 HREF="c6449.html#HDRWQ145"
317 >Brief Descriptions of the AFS Server Processes</A
321 HREF="c6449.html#HDRWQ154"
322 >Controlling and Checking Process Status</A
326 HREF="c6449.html#HDRWQ158"
327 >Displaying Process Status and Information from the BosConfig File</A
331 HREF="c6449.html#HDRWQ161"
332 >Creating and Removing Processes</A
336 HREF="c6449.html#HDRWQ164"
337 >Stopping and Starting Processes Permanently</A
341 HREF="c6449.html#HDRWQ167"
342 >Stopping and Starting Processes Temporarily</A
346 HREF="c6449.html#HDRWQ170"
347 >Stopping and Immediately Restarting Processes</A
351 HREF="c6449.html#HDRWQ171"
352 >Setting the BOS Server's Restart Times</A
356 HREF="c6449.html#HDRWQ173"
357 >Displaying Server Process Log Files</A
370 HREF="c8420.html#HDRWQ175"
371 >Summary of Instructions</A
375 HREF="c8420.html#HDRWQ177"
380 HREF="c8420.html#HDRWQ185"
381 >Creating Read/write Volumes</A
385 HREF="c8420.html#HDRWQ190"
386 >About Clones and Cloning</A
390 HREF="c8420.html#HDRWQ192"
391 >Replicating Volumes (Creating Read-only Volumes)</A
395 HREF="c8420.html#HDRWQ201"
396 >Creating Backup Volumes</A
400 HREF="c8420.html#HDRWQ208"
405 HREF="c8420.html#HDRWQ216"
406 >Displaying Information About Volumes</A
410 HREF="c8420.html#HDRWQ226"
415 HREF="c8420.html#HDRWQ227"
416 >Synchronizing the VLDB and Volume Headers</A
420 HREF="c8420.html#HDRWQ232"
421 >Salvaging Volumes</A
425 HREF="c8420.html#HDRWQ234"
426 >Setting and Displaying Volume Quota and Current Size</A
430 HREF="c8420.html#HDRWQ235"
431 >Removing Volumes and their Mount Points</A
435 HREF="c8420.html#HDRWQ240"
436 >Dumping and Restoring Volumes</A
440 HREF="c8420.html#HDRWQ245"
445 HREF="c8420.html#HDRWQ247"
446 >Unlocking and Locking VLDB Entries</A
453 >Configuring the AFS Backup System</A
459 HREF="c12776.html#HDRWQ249"
460 >Summary of Instructions</A
464 HREF="c12776.html#HDRWQ251"
465 >Introduction to Backup System Features</A
469 HREF="c12776.html#HDRWQ257"
470 >Overview of Backup System Configuration</A
474 HREF="c12776.html#HDRWQ258"
475 >Configuring the tapeconfig File</A
479 HREF="c12776.html#HDRWQ260"
480 >Granting Administrative Privilege to Backup Operators</A
484 HREF="c12776.html#HDRWQ261"
485 >Configuring Tape Coordinator Machines and Tape Devices</A
489 HREF="c12776.html#HDRWQ265"
490 >Defining and Displaying Volume Sets and Volume Entries</A
494 HREF="c12776.html#HDRWQ267"
495 >Defining and Displaying the Dump Hierarchy</A
499 HREF="c12776.html#HDRWQ272"
500 >Writing and Reading Tape Labels</A
504 HREF="c12776.html#HDRWQ275"
505 >Automating and Increasing the Efficiency of the Backup Process</A
512 >Backing Up and Restoring AFS Data</A
518 HREF="c15383.html#HDRWQ284"
519 >Summary of Instructions</A
523 HREF="c15383.html#HDRWQ286"
524 >Using the Backup System's Interfaces</A
528 HREF="c15383.html#HDRWQ296"
533 HREF="c15383.html#HDRWQ302"
534 >Displaying Backup Dump Records</A
538 HREF="c15383.html#HDRWQ306"
539 >Restoring and Recovering Data</A
543 HREF="c15383.html#HDRWQ316"
544 >Maintaining the Backup Database</A
551 >Monitoring and Auditing AFS Performance</A
557 HREF="c18360.html#HDRWQ324"
558 >Summary of Instructions</A
562 HREF="c18360.html#HDRWQ326"
563 >Using the scout Program</A
567 HREF="c18360.html#HDRWQ341"
568 >Using the fstrace Command Suite</A
572 HREF="c18360.html#HDRWQ349"
573 >Using the afsmonitor Program</A
577 HREF="c18360.html#HDRWQ351"
578 >Configuring the afsmonitor Program</A
582 HREF="c18360.html#HDRWQ352"
583 >Writing afsmonitor Statistics to a File</A
587 HREF="c18360.html#Header_398"
588 >To start the afsmonitor Program</A
592 HREF="c18360.html#Header_399"
593 >To stop the afsmonitor program</A
597 HREF="c18360.html#HDRWQ353"
598 >The xstat Data Collection Facility</A
602 HREF="c18360.html#HDRWQ354"
603 >Auditing AFS Events on AIX File Servers</A
610 >Managing Server Encryption Keys</A
616 HREF="c20494.html#HDRWQ356"
617 >Summary of Instructions</A
621 HREF="c20494.html#HDRWQ358"
622 >About Server Encryption Keys</A
626 HREF="c20494.html#HDRWQ359"
627 >Displaying Server Encryption Keys</A
631 HREF="c20494.html#HDRWQ362"
632 >Adding Server Encryption Keys</A
636 HREF="c20494.html#HDRWQ368"
637 >Removing Server Encryption Keys</A
641 HREF="c20494.html#HDRWQ370"
642 >Handling Server Encryption Key Emergencies</A
651 >Managing Client Machines</A
658 >Administering Client Machines and the Cache Manager</A
664 HREF="c21473.html#HDRWQ388"
665 >Summary of Instructions</A
669 HREF="c21473.html#HDRWQ390"
670 >Overview of Cache Manager Customization</A
674 HREF="c21473.html#HDRWQ391"
675 >Configuration and Cache-Related Files on the Local Disk</A
679 HREF="c21473.html#HDRWQ394"
680 >Determining the Cache Type, Size, and Location</A
684 HREF="c21473.html#HDRWQ402"
685 >Setting Other Cache Parameters with the afsd program</A
689 HREF="c21473.html#HDRWQ406"
690 >Maintaining Knowledge of Database Server Machines</A
694 HREF="c21473.html#HDRWQ409"
695 >Determining if a Client Can Run Setuid Programs</A
699 HREF="c21473.html#HDRWQ410"
700 >Setting the File Server Probe Interval</A
704 HREF="c21473.html#HDRWQ411"
705 >Setting a Client Machine's Cell Membership</A
709 HREF="c21473.html#HDRWQ412"
710 >Forcing the Update of Cached Data</A
714 HREF="c21473.html#HDRWQ414"
715 >Maintaining Server Preference Ranks</A
719 HREF="c21473.html#HDRWQ415"
720 >Managing Multihomed Client Machines</A
724 HREF="c21473.html#HDRWQ416"
725 >Controlling the Display of Warning and Informational Messages</A
729 HREF="c21473.html#HDRWQ417"
730 >Displaying and Setting the System Type Name</A
734 HREF="c21473.html#HDRWQ418"
735 >Enabling Asynchronous Writes</A
742 >Configuring Client Machines with the package Program</A
748 HREF="c23832.html#HDRWQ420"
749 >Summary of Instructions</A
753 HREF="c23832.html#HDRWQ422"
754 >Using the package Program</A
758 HREF="c23832.html#HDRWQ423"
763 HREF="c23832.html#HDRWQ425"
764 >The package Directory Structure</A
768 HREF="c23832.html#HDRWQ427"
769 >Example Prototype and Library Files</A
773 HREF="c23832.html#HDRWQ429"
774 >Package Configuration File Instruction Syntax</A
778 HREF="c23832.html#HDRWQ437"
779 >Constructing Prototype and Library Files</A
783 HREF="c23832.html#HDRWQ438"
784 >The Package Makefile File</A
788 HREF="c23832.html#HDRWQ445"
789 >Modifying the Makefile</A
793 HREF="c23832.html#HDRWQ446"
794 >Compiling Prototype Files</A
798 HREF="c23832.html#HDRWQ447"
799 >Modifying Client Machines</A
803 HREF="c23832.html#HDRWQ448"
804 >Running the package program</A
813 >Managing Users and Groups</A
820 >Creating and Deleting User Accounts with the uss Command Suite</A
826 HREF="c24913.html#HDRWQ450"
827 >Summary of Instructions</A
831 HREF="c24913.html#HDRWQ452"
832 >Overview of the uss Command Suite</A
836 HREF="c24913.html#HDRWQ455"
837 >Creating Local Password File Entries with uss</A
841 HREF="c24913.html#HDRWQ459"
842 >Converting Existing UNIX Accounts with uss</A
846 HREF="c24913.html#HDRWQ463"
847 >Constructing a uss Template File</A
851 HREF="c24913.html#HDRWQ480"
852 >Creating Individual Accounts with the uss add Command</A
856 HREF="c24913.html#HDRWQ486"
857 >Deleting Individual Accounts with the uss delete Command</A
861 HREF="c24913.html#HDRWQ488"
862 >Creating and Deleting Multiple Accounts with the uss bulk Command</A
869 >Administering User Accounts</A
875 HREF="c27596.html#HDRWQ492"
876 >Summary of Instructions</A
880 HREF="c27596.html#HDRWQ494"
881 >The Components of an AFS User Account</A
885 HREF="c27596.html#HDRWQ495"
886 >Creating Local Password File Entries</A
890 HREF="c27596.html#HDRWQ498"
891 >Converting Existing UNIX Accounts</A
895 HREF="c27596.html#HDRWQ502"
896 >Creating AFS User Accounts</A
900 HREF="c27596.html#HDRWQ515"
901 >Improving Password and Authentication Security</A
905 HREF="c27596.html#HDRWQ516"
906 >Changing AFS Passwords</A
910 HREF="c27596.html#HDRWQ517"
911 >Displaying and Setting the Quota on User Volumes</A
915 HREF="c27596.html#HDRWQ518"
916 >Changing Usernames</A
920 HREF="c27596.html#HDRWQ524"
921 >Removing a User Account</A
928 >Administering the Protection Database</A
934 HREF="c29323.html#HDRWQ532"
935 >Summary of Instructions</A
939 HREF="c29323.html#HDRWQ534"
940 >About the Protection Database</A
944 HREF="c29323.html#HDRWQ536"
945 >Displaying Information from the Protection Database</A
949 HREF="c29323.html#HDRWQ542"
950 >Creating User and Machine Entries</A
954 HREF="c29323.html#HDRWQ544"
959 HREF="c29323.html#HDRWQ549"
960 >Adding and Removing Group Members</A
964 HREF="c29323.html#HDRWQ552"
965 >Deleting Protection Database Entries</A
969 HREF="c29323.html#HDRWQ554"
970 >Changing a Group's Owner</A
974 HREF="c29323.html#HDRWQ556"
975 >Changing a Protection Database Entry's Name</A
979 HREF="c29323.html#HDRWQ558"
980 >Setting Group-Creation Quota</A
984 HREF="c29323.html#HDRWQ559"
985 >Setting the Privacy Flags on Database Entries</A
989 HREF="c29323.html#HDRWQ560"
990 >Displaying and Setting the AFS UID and GID Counters</A
997 >Managing Access Control Lists</A
1003 HREF="c31274.html#HDRWQ563"
1004 >Summary of Instructions</A
1008 HREF="c31274.html#HDRWQ565"
1009 >Protecting Data in AFS</A
1013 HREF="c31274.html#HDRWQ572"
1018 HREF="c31274.html#HDRWQ573"
1019 >Setting ACL Entries</A
1023 HREF="c31274.html#HDRWQ576"
1024 >Completely Replacing an ACL</A
1028 HREF="c31274.html#HDRWQ577"
1029 >Copying ACLs Between Directories</A
1033 HREF="c31274.html#HDRWQ579"
1034 >Removing Obsolete AFS IDs from ACLs</A
1038 HREF="c31274.html#HDRWQ580"
1039 >How AFS Interprets the UNIX Mode Bits</A
1046 >Managing Administrative Privilege</A
1052 HREF="c32432.html#HDRWQ582"
1053 >Summary of Instructions</A
1057 HREF="c32432.html#HDRWQ584"
1058 >An Overview of Administrative Privilege</A
1062 HREF="c32432.html#HDRWQ586"
1063 >Administering the system:administrators Group</A
1067 HREF="c32432.html#HDRWQ589"
1068 >Granting Privilege for kas Commands: the ADMIN Flag</A
1072 HREF="c32432.html#HDRWQ592"
1073 >Administering the UserList File</A
1082 >Managing the NFS/AFS Translator</A
1088 HREF="a33047.html#HDRWQ596"
1089 >Summary of Instructions</A
1093 HREF="a33047.html#HDRWQ598"
1100 HREF="a33047.html#HDRWQ599"
1101 >Enabling Unauthenticated or Authenticated AFS Access</A
1105 HREF="a33047.html#HDRWQ600"
1106 >Setting the AFSSERVER and AFSCONF Environment Variables</A
1110 HREF="a33047.html#HDRWQ602"
1111 >Delayed Writes for Files Saved on NFS Client Machines</A
1117 HREF="a33047.html#HDRWQ603"
1118 >Configuring NFS/AFS Translator Machines</A
1124 HREF="a33047.html#Header_676"
1125 >Loading NFS and AFS Kernel Extensions</A
1129 HREF="a33047.html#HDRRMTSYS"
1130 >Configuring the Translator Machine to Accept AFS Commands</A
1134 HREF="a33047.html#HDRWQ604"
1135 >Controlling Optional Translator Features</A
1139 HREF="a33047.html#Header_679"
1140 >To configure an NFS/AFS translator machine</A
1144 HREF="a33047.html#Header_680"
1145 >To disable or enable Translator functionality, or set optional features</A
1151 HREF="a33047.html#HDRWQ606"
1152 >Configuring NFS Client Machines</A
1158 HREF="a33047.html#Header_682"
1159 >To configure an NFS client machine to access AFS</A
1165 HREF="a33047.html#HDRWQ610"
1166 >Configuring User Accounts</A
1172 HREF="a33047.html#Header_684"
1173 >To configure a user account for issuing AFS commands</A
1179 HREF="a33047.html#HDRWQ612"
1180 >Authenticating on Unsupported NFS Client Machines</A
1186 HREF="a33047.html#Header_686"
1187 >To authenticate using the knfs command</A
1191 HREF="a33047.html#Header_687"
1192 >To display tokens using the knfs command</A
1196 HREF="a33047.html#Header_688"
1197 >To discard tokens using the knfs command</A
1206 >Using AFS Commands</A
1212 HREF="a33826.html#HDRWQ613"
1213 >AFS Command Syntax</A
1219 HREF="a33826.html#Header_691"
1224 HREF="a33826.html#Header_692"
1229 HREF="a33826.html#Header_693"
1234 HREF="a33826.html#Header_694"
1239 HREF="a33826.html#HDRCOMMAND-EX"
1240 >An Example Command</A
1244 HREF="a33826.html#HDRWQ614"
1245 >Rules for Entering AFS Commands</A
1249 HREF="a33826.html#HDRWQ615"
1250 >Rules for Using Abbreviations and Aliases</A
1254 HREF="a33826.html#HDRWQ616"
1255 >Displaying Online Help for AFS Commands</A
1264 >The afsmonitor Program Statistics</A
1270 HREF="a34149.html#HDRWQ618"
1271 >The Cache Manager Statistics</A
1277 HREF="a34149.html#Header_708"
1278 >Performance Statistics Section (PerfStats_section)</A
1282 HREF="a34149.html#Header_709"
1283 >Server Up/Down Statistics Section (Server_UpDown_section)</A
1287 HREF="a34149.html#Header_710"
1288 >RPC Operation Measurements Section (RPCop_section)</A
1292 HREF="a34149.html#Header_711"
1293 >Authentication and Replicated File Access Section (Auth_Access_section)</A
1299 HREF="a34149.html#HDRWQ619"
1300 >The File Server Statistics</A
1306 HREF="a34149.html#Header_713"
1307 >Performance Statistics Section (PerfStats_section)</A
1311 HREF="a34149.html#Header_714"
1312 >RPC Operations Section (RPCop_section)</A
1321 >AIX Audit Events</A
1327 HREF="a35965.html#HDRWQ621"
1332 HREF="a35965.html#HDRWQ622"
1333 >Audit-Specific Events</A
1337 HREF="a35965.html#HDRWQ627"
1338 >Volume Server Events</A
1342 HREF="a35965.html#HDRWQ630"
1343 >Backup Server Events</A
1347 HREF="a35965.html#HDRWQ633"
1348 >Protection Server Events</A
1352 HREF="a35965.html#HDRWQ636"
1353 >Authentication Events</A
1357 HREF="a35965.html#HDRWQ639"
1358 >File Server and Cache Manager Interface Events</A
1362 HREF="a35965.html#HDRWQ642"
1363 >BOS Server Events</A
1367 HREF="a35965.html#HDRWQ645"
1368 >Volume Location Server Events</A
1389 HREF="c667.html#TBLVOL-PREFIX"
1390 >Suggested volume prefixes</A
1394 HREF="c667.html#TBLPREFIX-EXAMPLE"
1395 >Example volume-prefixing scheme</A
1399 HREF="c24913.html#TBLWQ466"
1400 >Source for values of uss template variables</A
1404 HREF="c24913.html#TBLWQ481"
1405 >Command-line argument sources for uss template variables</A
1419 HREF="c8420.html#FIGWQ191"
1420 >File Sharing Between the Read/write Source and a Clone Volume</A
1424 HREF="c18360.html#FIGWQ337"
1425 >First example scout display</A
1429 HREF="c18360.html#FIGWQ338"
1430 >Second example scout display</A
1434 HREF="c18360.html#FIGWQ339"
1435 >Third example scout display</A
1439 HREF="c18360.html#FIGWQ340"
1440 >Fourth example scout display</A
1444 HREF="c18360.html#Figure_6"
1445 >The afsmonitor System Overview Screen</A
1449 HREF="c18360.html#Figure_7"
1450 >The afsmonitor File Servers Screen</A
1454 HREF="c18360.html#Figure_8"
1455 >The afsmonitor File Servers Screen Shifted One Page to the Right</A
1459 HREF="c18360.html#Figure_9"
1460 >The afsmonitor Cache Managers Screen</A
1470 SUMMARY="Footer navigation table"
1511 >About This Guide</TD