Arla installation memo for Linux for RHIC
last updaed 19 Feb 1999
T. Ichihara (RIKEN)
Arla is a freely available AFS clone for AFS client. It works under
Linux 2.2. (RH6.1) Before installing Arla, Kerberos 4 is required to be
installed for authentication to obtain AFS token. Following is an example.
(1) Obtain krb4-1.0.1.tar.gz from http://www.pdc.kth.se/kth-krb/
or ftp://ftp.pdc.kth.se/pub/krb/src/krb4-1.0.1.tar.gz
and install into Linux.
configure, make, su to root, and make install will work.
add /usr/athena/bin to your command path.
(2) Configure Kerberos 4 for AFS authentication for rhic AFS cell.
sample of /etc/krb.conf file
RHIC
RHIC rafs01.rcf.bnl.gov admin server
(3) Confirm that you can gain AFS token as follows
% kauth <-- obtain authentication using krv4
user@RHIC's Password: <-- type your AFS password of rhic cell
% klist <-- list your krv4 ticket (AFS token)
Ticket file: /tmp/tkt20xx
Principal: user@RHIC
Issued Expires Principal
Aug 11 10:04:20 Aug 11 20:04:20 krbtgt.RHIC@RHIC
Aug 11 10:04:20 Aug 11 20:04:20 afs@RHIC
now you have obtained AFS token for rhic cell.
N.B. TIPS for Kerberos 4 for arla
It seems that the Kerberos 4 exchanges system clock (time) to get
authentication from AFS server, the system clock of the arla client
should be accurate within a few seconds. This is realized with "xntpd"
daemon. If the system clock of the arla client has wrong clock time,
"kauth" command will result following error messages and you cannot
obtain AFS token.
kauth: Permission Denied (Kerberos) or
kauth: Service expired (Kerberos)
In this case, you need to synchronize system clock of your
arla-client using "xntpd" with your AFS server. Since the AFS
server is synchronized to the time server which is synchronized to
the .GPS. or .WWV. clock, your arla-client need to synchronized
to your neighboring time server)
(1) Obtain the latest version (0.32 or later ) of arla from
ftp://ftp.stacken.kth.se/pub/arla/ or mirror at RIKEN
and make and install into Linux.
configure --with-krb4=/usr/athena --with-krb4-lib=/usr/athena/lib
--with-krb4-include=/usr/athena/include
then make, su to root and make install
add /usr/arla/bin to your command path.
(2) Configure arla
(1)obtain /usr/vice/etc/CellServDB of rcf.rhic.bnl.gov and put it
on your /usr/arla/etc/CellServDB. (N.B. definition for rhic cell
in the original CellServDB file attached in arla-0.12 distribution
is obsolete. If you want to use original CellServDB file, modify
rhic cell entry as follows
>rhic #Relativistic Heavy Ion Collider
130.199.6.69 #rafs01.rcf.bnl.gov
130.199.6.52 #rafs02.rcf.bnl.gov
130.199.6.51 #rafs03.rcf.bnl.gov
(2)Replace the content of /usr/arla/etc/ThisCell by rhic .
(3)Add services by " cat SRCDIR/conf/services >> /etc/services "
etc. (see INSTALL document carefully)
(3) At root user, start arla by /usr/arla/bin/startarla. Confirm that
your arla is working properly on normal user account.
( eg. % kauth
user@RHIC's Password: <-- enter your AFS passwd
% setenv CVSROOT /afs/rhic/phenix/PHENIX_CVS
% cvs checkout staf ... etc.)
Insert following script to your startup file (/etc/rc.d/rc.local etc.)
The first line is to clean the alra cache directory and important
(see (8) below). The second line is to start the arla. The 3rd line
is to set the @sys function return value in /afs directory to
"i386_linux2" in order to maitain the compatibitity of the Transarc
afs (see (5) below).
rm -rf /usr/arla/cache
/usr/arla/bin/startarla
/usr/arla/bin/fs sysname i386_linux2
(4) To make pwd work on /afs, following step is required.
| If you are using Linux 2.1 or 2.2 and libc4, libc5 or glibc 2.0,
| you may want to enable the getcwd syscall, which works much better
| than the old way of doing getcwd. In order to do this, follow
| these steps:
|
| 1. Copy /usr/arla/lib/libgetcwd.so.X (where X is the arla version)
| to /lib.
| 2. Run "/sbin/ldconfig".
| 3. Run "LD_PRELOAD=/lib/libgetcwd.so.0 /bin/pwd". If this fails
| with "/bin/pwd: can't load library '/lib/libgetcwd.so.0'" or
| some other error message, report this error.
| 4. If the previous step went well, add this line to /etc/ld.so.preload:
| /lib/libgetcwd.so.0
|
| DO NOT load the file from /usr/arla/lib, since /usr probably is not
| part of the root partition of your system. If you do this, your system
| will probably not be able to boot, even in single user, since in most
| Linux installations, init, sh, mount and other programs are dynamically
| linked.
|
| If you use glibc 2.1 or later, the above method is unnecessary and
| the line /lib/libgetcwd.so.0 should be removed from /etc/ld.so.preload
| if present.
(5) TIPS for @sys function (added on 22Oct98)
execute "fs sysnam i386_linux2" to make compatibility with Transarc
AFS client (to make @sys work on /afs/rhic cell.
> In Transarc AFS on linux, the @sys is interpreted as
> i386_linux2
>
> In arla the sysnames are as follows on Linux i386:
>
> (i386_linux4 (libc4, not tested for))
> i386_linux5 (libc5)
> i386_linux6 (libc6)
>
>If you really want the counterintuitive numbering, set your sysname
>with "fs sysname".
(6) TIPS for version up of Arla
1. If you upgrad the version of arla, it is recommended to
clear the arla cache directory (default: /usr/arla/cache). If you do
not clear the cache directory, the /afs may contain no directory
tree.
2. before upgrade, it is safe to rename /etc/ld.so.preload to other
file name. After the arla version up is completed and new shared object
is copied into /lib directory, then the fine namecan be restored.
(NB: shared object name changed at arla 0.21)
(8) When a linux system "crash" with panic, the cache files of the
arla (default cache directory: /usr/arla/cache) seems to be often
destroyed. Afther this phenomina, arla does now work correctly even
if the system is re-booted. Typical simpton for this phenomina is the
messages like " cannot open shared object file "
appears when executing binary which dynamically links to the shared
library file under /afs/rhic tree.
This phenomina can be easery resolved. In the startup script,
inseret a script to clear the arla cache directory just befor
starting up the arla.
Dave's memo for Arla
CCJ R&D page
19 Feb 1999 Takashi Ichihara (ichihara@bnl.gov)