|
AFS is a distributed file system that allows
CAEN’s UNIX machines to share files on servers throughout the
network. Actually, this distributed file system extends
connectivity beyond the world of CAEN. AFS can be thought of as
a shared file system for the entire world. Currently, this
hierarchical file system is set up with the /afs
directory as the root directory. Below that level are
directories for each cell, or independent organization. The cell
/afs/engin.umich.edu is the local cell for the entire
College of Engineering. The cell /afs/umich.edu is the
cell administered by the Information Technology Central Services
(ITCS) and houses all the IFS home directories and ITCS
software.
AFS is composed of file servers and clients. A
file server stores files that can be accessed by other
computers. These other computers are called clients of the
server. AFS defines a protocol that automatically determines
which file server the client can find a desired file. AFS
utilizes the Kerberos authentication scheme to validate users’
rights to access files. Kerberos is an extension to the normal
UNIX authentication mechanism and significantly improves network
security. Files are only exchanged between a client and a server
if both machines are able to recognize a valid electronic
authentication token (also known as a ticket.)
Two important AFS commands to remember are fs
(file service )and pts (protection service).
fs help
Get help with the fs command.
fs la
Review the file permissions on your current directory.
fs lq
How much disk space do you have left?
pts help
Need help with pts?
pts mem
What pts groups do you belong to?
For more information on AFS as well as the
commands that service this system, consult CAEN Technote:
Setting AFS File Permissions and Creating and Managing
AFS Groups.
klog
The klog command allows to you obtain or extend
an AFS token (priviledges) for files in a particular AFS cell.
To obtain a token and ticket writing priviledges to CAEN files,
type klog -t options, or klog -t -cell engin.umich.edu.
To obtain privileges for IFS files, type klog -t -cell
umich.edu. You may use klog to obtain privileges in other
AFS cells (at MIT, CMU, etc.) if you have computer access
accounts there also.
The klog -tmp -setpag command is different
from the klog command in two ways. The obvious difference is
that it doesn’t allow you to enter a cell name, but instead
follows the same automatic algorithm that the remote login and
Xdm login programs use, with the end result being that you may
be authenticated in the engin.umich.edu or the
umich.edu cells, depending on the password you enter.
The other difference between klog and
klog -tmp -setpag is considerably more complicated, and is
described in the next section. |