/usr/sbin/afs-rootvol is in openafs-dbserver 1.6.7-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 | #!/usr/bin/perl -w
# Copyright (C) 2000 by Sam Hartman
# This file may be copied either under the terms of the GNU GPL or the IBM
# Public License either version 2 or later of the GPL or version 1.0 or later
# of the IPL.
use strict;
use Debian::OpenAFS::ConfigUtils;
use Term::ReadLine;
use Getopt::Long;
use vars qw($rl $server $part $requirements_met);
=head1 NAME
afs-rootvol - Generate and populate root volumes for new AFS cells.
=head1 SYNOPSIS
B<afs-rootvol> [B<--requirements-met>] [B<--server> I<server-name>]
[B<--partition> I<partition-letter>]
=head1 DESCRIPTION
This script sets up an AFS cell's root volumes. It assumes that you already
have a fileserver and database servers. The fileserver should have an empty
root.afs. This script creates root.cell, user, and service and populates
root.afs.
=head1 AUTHOR
Sam Hartman <hartmans@debian.org>
=cut
#'# cperl-mode
# This subroutine creates a volume, mounts it and then sets the access
# to allow read by anyuser. The volume is scheduled for deletion in
# case of error.
sub mkvol($$) {
my ($vol, $mnt) = @_;
run("vos create $server $part $vol -localauth");
unwind("vos remove $server $part $vol -localauth");
run("fs mkm $mnt $vol ");
run("fs sa $mnt system:anyuser rl");
}
# Main script. Flush all output immediately.
$| = 1;
$rl = new Term::ReadLine('AFS');
GetOptions ("requirements-met" => \$requirements_met,
"server=s" => \$server,
"partition=s" => \$part);
unless ($requirements_met) {
print <<eotext;
Prerequisites
In order to set up the root.afs volume, you must meet the following
pre-conditions:
1) The cell must be configured, running a database server with a
volume location and protection server. The afs-newcell script will
set up these services.
2) You must be logged into the cell with tokens in for a user in
system:administrators and with a principal that is in the UserList
file of the servers in the cell.
3) You need a fileserver in the cell with partitions mounted and a
root.afs volume created. Presumably, it has no volumes on it,
although the script will work so long as nothing besides root.afs
exists. The afs-newcell script will set up the file server.
4) The AFS client must be running pointed at the new cell.
eotext
$_ = $rl->readline("Do you meet these conditions? (y/n) ");
unless (/^y/i ) {
print "Please restart the script when you meet these conditions.\n";
exit(1);
}
if ($> != 0) {
die "This script should almost always be run as root. Use the\n"
. "--requirements-met option to run as non-root.\n";
}
}
# Get configuration information we need.
open(CELL, "/etc/openafs/server/ThisCell")
or die "Unable to find out what cell this machine serves: $!\n";
my $cell = <CELL>;
close CELL;
chomp $cell;
unless ($server) {
print <<eotext;
You will need to select a server (hostname) and AFS partition on which to
create the root volumes.
eotext
$server = $rl->readline("What AFS Server should volumes be placed on? ");
die "Please select a server.\n" unless $server;
}
unless ($part) {
$part = $rl->readline("What partition? [a] ");
$part = "a" unless $part;
}
print "\n";
# Make sure the user has tokens. Forgetting to do this is a common error.
my $status = system("tokens | grep Expires > /dev/null");
if ($status != 0) {
die "You appear to not have AFS tokens. Obtain tokens (with aklog,\n"
. "for example) and then run this script again.\n";
}
# Figure out where root.afs is. There are two possibilities: either we aren't
# running with dynroot, and root.afs is therefore accessible as /afs, or we
# are running with dynroot, in which case we have to create root.cell first
# and then mount root.afs under it.
#
# Always create root.cell first; we may need it if running with dynroot, and
# it doesn't hurt to do it now regardless.
my $rootmnt = "/afs";
run("vos create $server $part root.cell -localauth");
unwind("vos remove $server $part root.cell -localauth");
my $dynroot = (-d "$rootmnt/$cell/.");
if ($dynroot) {
run("fs mkm /afs/$cell/.root.afs root.afs -rw");
unwind("fs rmm /afs/$cell/.root.afs");
$rootmnt = "/afs/$cell/.root.afs";
}
run("fs sa $rootmnt system:anyuser rl");
# Scan CellServDB and create the cell mount points for every cell found there.
# Force these commands to succeed, since it's possible to end up with
# duplicate entries in CellServDB (and the second fs mkm will fail).
open(CELLSERVDB, "/etc/openafs/CellServDB")
or die "Unable to open /etc/openafs/CellServDB: $!\n";
while (<CELLSERVDB>) {
chomp;
if (/^>\s*([a-z0-9_\-.]+)/) {
run("fs mkm $rootmnt/$1 root.cell -cell $1 -fast || true");
unwind("fs rmm $rootmnt/$1 || true");
}
}
# Now, create the read/write mount points for root.cell and root.afs and set
# root.cell system:anyuser read.
run("fs sa /afs/$cell system:anyuser rl");
run("fs mkm $rootmnt/.$cell root.cell -cell $cell -rw");
unwind("fs rmm $rootmnt/.$cell");
run("fs mkm $rootmnt/.root.afs root.afs -rw");
unwind("fs rmm $rootmnt/.root.afs");
# Create the user and service mount point volumes to fit the semi-standard AFS
# cell layout.
mkvol("user", "/afs/$cell/user");
mkvol("service", "/afs/$cell/service");
# Strip the domain off of the cell name and create the short symlinks.
$cell =~ /^([^.]+)/;
my $cellpart = $1;
if ($cellpart && $cellpart ne $cell) {
run("ln -s $cell $rootmnt/$cellpart");
unwind("rm $rootmnt/$cellpart");
run("ln -s .$cell $rootmnt/.$cellpart");
unwind("rm $rootmnt/.$cellpart");
}
if ($dynroot) {
run("fs rmm /afs/$cell/.root.afs");
unwind("fs mkm /afs/$cell/.root.afs root.afs -rw");
}
# Now, replicate the infrastructure volumes.
run("vos addsite $server $part root.afs -localauth");
run("vos addsite $server $part root.cell -localauth");
run("vos release root.afs -localauth");
run("vos release root.cell -localauth");
unwind("vos remove $server $part root.cell.readonly -localauth");
unwind("vos remove $server $part root.afs.readonly -localauth");
# Success, so clear the unwind commands.
@unwinds = ();
# If we fail before all the instances are created, we need to back out of
# everything we did as much as possible.
END {
if (@unwinds) {
print "\nRoot volume setup failed, ABORTING\n";
}
run(pop @unwinds) while @unwinds;
}
|