Arla installation memo for Linux for RHIC

last updaed 19 Feb 1999 T. Ichihara (RIKEN) Arla is a freely available AFS clone for AFS client. It works under Linux 2.2. (RH6.1) Before installing Arla, Kerberos 4 is required to be installed for authentication to obtain AFS token. Following is an example.

Kerberos 4

(1) Obtain krb4-1.0.1.tar.gz from or and install into Linux. configure, make, su to root, and make install will work. add /usr/athena/bin to your command path. (2) Configure Kerberos 4 for AFS authentication for rhic AFS cell. sample of /etc/krb.conf file RHIC RHIC admin server (3) Confirm that you can gain AFS token as follows % kauth <-- obtain authentication using krv4 user@RHIC's Password: <-- type your AFS password of rhic cell % klist <-- list your krv4 ticket (AFS token) Ticket file: /tmp/tkt20xx Principal: user@RHIC Issued Expires Principal Aug 11 10:04:20 Aug 11 20:04:20 krbtgt.RHIC@RHIC Aug 11 10:04:20 Aug 11 20:04:20 afs@RHIC now you have obtained AFS token for rhic cell. N.B. TIPS for Kerberos 4 for arla It seems that the Kerberos 4 exchanges system clock (time) to get authentication from AFS server, the system clock of the arla client should be accurate within a few seconds. This is realized with "xntpd" daemon. If the system clock of the arla client has wrong clock time, "kauth" command will result following error messages and you cannot obtain AFS token. kauth: Permission Denied (Kerberos) or kauth: Service expired (Kerberos) In this case, you need to synchronize system clock of your arla-client using "xntpd" with your AFS server. Since the AFS server is synchronized to the time server which is synchronized to the .GPS. or .WWV. clock, your arla-client need to synchronized to your neighboring time server)


(1) Obtain the latest version (0.32 or later ) of arla from or mirror at RIKEN and make and install into Linux. configure --with-krb4=/usr/athena --with-krb4-lib=/usr/athena/lib --with-krb4-include=/usr/athena/include then make, su to root and make install add /usr/arla/bin to your command path. (2) Configure arla (1)obtain /usr/vice/etc/CellServDB of and put it on your /usr/arla/etc/CellServDB. (N.B. definition for rhic cell in the original CellServDB file attached in arla-0.12 distribution is obsolete. If you want to use original CellServDB file, modify rhic cell entry as follows >rhic #Relativistic Heavy Ion Collider (2)Replace the content of /usr/arla/etc/ThisCell by rhic . (3)Add services by " cat SRCDIR/conf/services >> /etc/services " etc. (see INSTALL document carefully) (3) At root user, start arla by /usr/arla/bin/startarla. Confirm that your arla is working properly on normal user account. ( eg. % kauth user@RHIC's Password: <-- enter your AFS passwd % setenv CVSROOT /afs/rhic/phenix/PHENIX_CVS % cvs checkout staf ... etc.) Insert following script to your startup file (/etc/rc.d/rc.local etc.) The first line is to clean the alra cache directory and important (see (8) below). The second line is to start the arla. The 3rd line is to set the @sys function return value in /afs directory to "i386_linux2" in order to maitain the compatibitity of the Transarc afs (see (5) below). rm -rf /usr/arla/cache /usr/arla/bin/startarla /usr/arla/bin/fs sysname i386_linux2 (4) To make pwd work on /afs, following step is required. | If you are using Linux 2.1 or 2.2 and libc4, libc5 or glibc 2.0, | you may want to enable the getcwd syscall, which works much better | than the old way of doing getcwd. In order to do this, follow | these steps: | | 1. Copy /usr/arla/lib/ (where X is the arla version) | to /lib. | 2. Run "/sbin/ldconfig". | 3. Run "LD_PRELOAD=/lib/ /bin/pwd". If this fails | with "/bin/pwd: can't load library '/lib/'" or | some other error message, report this error. | 4. If the previous step went well, add this line to /etc/ | /lib/ | | DO NOT load the file from /usr/arla/lib, since /usr probably is not | part of the root partition of your system. If you do this, your system | will probably not be able to boot, even in single user, since in most | Linux installations, init, sh, mount and other programs are dynamically | linked. | | If you use glibc 2.1 or later, the above method is unnecessary and | the line /lib/ should be removed from /etc/ | if present. (5) TIPS for @sys function (added on 22Oct98) execute "fs sysnam i386_linux2" to make compatibility with Transarc AFS client (to make @sys work on /afs/rhic cell. > In Transarc AFS on linux, the @sys is interpreted as > i386_linux2 > > In arla the sysnames are as follows on Linux i386: > > (i386_linux4 (libc4, not tested for)) > i386_linux5 (libc5) > i386_linux6 (libc6) > >If you really want the counterintuitive numbering, set your sysname >with "fs sysname". (6) TIPS for version up of Arla 1. If you upgrad the version of arla, it is recommended to clear the arla cache directory (default: /usr/arla/cache). If you do not clear the cache directory, the /afs may contain no directory tree. 2. before upgrade, it is safe to rename /etc/ to other file name. After the arla version up is completed and new shared object is copied into /lib directory, then the fine namecan be restored. (NB: shared object name changed at arla 0.21) (8) When a linux system "crash" with panic, the cache files of the arla (default cache directory: /usr/arla/cache) seems to be often destroyed. Afther this phenomina, arla does now work correctly even if the system is re-booted. Typical simpton for this phenomina is the messages like " cannot open shared object file " appears when executing binary which dynamically links to the shared library file under /afs/rhic tree. This phenomina can be easery resolved. In the startup script, inseret a script to clear the arla cache directory just befor starting up the arla. Dave's memo for Arla CCJ R&D page
19 Feb 1999 Takashi Ichihara (