1KAFS-CLIENT.CONF(5) kAFS Configuration KAFS-CLIENT.CONF(5)
2
6 /etc/kafs/client.conf
7 /etc/kafs/client.d/ - kAFS filesystem configuration
8
10 Configuration information for the in-kernel kAFS filesystem can be pro‐
11 vided in the /etc/kafs/ directory. This may include the following:
12 - A list of cells to be preconfigured
14 - Fallback addresses for each cell.
16 - The name of the default cell (the @cell substitution).
18 - A list of strings for the @sys substitution.
20 When the afs.mount service is started by systemd(1), a configuration
22 service (kafs-config.service) runs first and loads the configuration
23 into the kernel from the client.conf file. This contains directives to
24 include other things, such as the contents of the client.d/ directory
25 and the generic public cell database.
26 Once the afs.mount service is started (or if an AFS volume is manually
28 mounted), if a mountpoint is triggered, the kernel will upcall by means
29 of request-key(8) to look up addresses for the Volume Location servers
30 for the named cell. This will also parse the configuration.
31
34 The file format is based on the MIT Kerberos configuration file format.
35 There are a couple of general directives:
36 include /path/to/file
38 This includes the contents of the named file in the parse at
39 this point.
40 includedir /path/to/dir/
42 This includes the files in the named directory in the parse at
43 this point. Files that have names beginning with "." or ending
44 with "~" are ignored.
45 Leading and trailing whitespace on a line is ignored. Any line other‐
47 wise beginning with a "#" character is considered a comment and
48 ignored.
49 Any line that contains a label bounded by square brackets, e.g.
51 "[cells]", by itself on that line denotes a switch to the section spec‐
52 ified by that label.
53 Configuration data is specified within a named section as a series of
55 key=value pairs, where a value may be one of nothing, an unquoted
56 string, a quoted string or a braced lists containing further key=value
57 pairs. Whitespace either side of the "=" symbol is ignored.
58 For example:
60 [cells]
62 rivendell.example.com = {
63 description = "Last Homely Cell"
64 use_dns = yes
65 servers = {
66 elrond.rivendell.example.com = {
67 address = 192.0.2.23
68 }
69 }
70 }
71 If two or more consecutive clauses specify values for the same key
73 sequence (so cells:rivendell.example.com:use_dns, for example), then
74 they are merged together to form a single list. If a single value is
75 expected for a configuration item, the last element in the list is
76 taken.
77 To prevent overriding by subsequent conflicting configuration, an
79 asterisk can be placed after the closing brace in a braced list to
80 indicate that that list is closed, for example:
81 [cells]
83 rivendell.example.com = {
84 description = "Foo"
85 use_dns = no
86 }*
87 Strings that are intepreted as boolean values are classed as false if
89 they match one of 0, f, false, n, no or off, and classed as true if
90 they match one off 1, t, true, y, yes or on. The match is case-inde‐
91 pendent.
92
95 The first section contains general system-level settings shared between
96 all utilities and the kernel. This is denoted by the section label
97 "[defaults]".
98 The system settings that may be changed are configured in this section
100 with the following key-value pairs:
101 thiscell = <cellname>
103 This sets the name of the local cell. This will be used to con‐
104 figure the @cell path substitution and will also supply the
105 default cellname for aklog-kafs(1).
106 sysname = [<systype>]*
108 This specifies a (potentially empty) list of strings which the
109 kernel should attempt to substitute in turn for "@sys" at the
110 end of a filename until a match is found.
111
115 The second section contains a list of preconfigured cells, to be used
116 in preloading the cell list in /afs and also to provide fallback or
117 override address data for locating Volume Location servers. This is
118 denoted by the section label "[cells]".
119 Within the cell list, each cell is declared with a key=value pair,
121 where the key is the name of the cell and the value is a braced list
122 indicating the details, e.g.:
123 [cells]
125 rivendell.example.com = {
126 ...
127 }
128 A cell definition may contain any number of key=value pairs. The keys
130 that are taken note of are:
131 description = <string>
133 This is a text description for the cell.
134 show_cell = <boolean>
136 Whether a cell should be shown in /afs.
137 use_dns = <boolean>
139 Whether address look ups for a cell may use the DNS.
140 kerberos_realm = <string>
142 The name of the Kerberos realm to use for a cell by default.
143 servers = { ... }
145 A list of servers for the cell, where each element in the list
146 is a key=value pair, where the key is the name of a server and
147 the value is a braced section of the details for that server.
148 The elements in the list of server details attached to each server can
150 comprise the following keys:
151 type = vlserver
153 The server is an AFS Volume Location server. This is the
154 default.
155 type = ptserver
157 The server is an AFS Protection server.
158 address = [<protocol>/]<address>[:<port>]
160 Specify a single address for a server. The address is required
161 and can be a single IPv4 or a single IPv6 address, and may be
162 brackets with square brackets (to avoid confusion with the port
163 number, if specified). The protocol is optional; currently only
164 udp is supported. The port is also optional and may be speci‐
165 fied to change the UDP port from the default for the server
166 type.
167
171 [defaults]
172 thiscell = rivendell.example.com
173 sysname = fedora28_x86 amd64_linux
174 [cells]
176 corp.example.com = {
177 description = "Valinor Corporation cell"
178 use_dns = yes
179 servers = {
180 manwe.corp.example.com = {
181 address = 2001:db8:123::13
182 address = 203.0.113.19
183 }
184 ulmo.corp.example.com = {
185 address = [2001:db8:123::750c:1234]:6666
186 address = 203.0.113.3:6666
187 }
188 aule.corp.example.com = {
189 address = udp/[2001:db8:123::abcd:9090]
190 address = udp/203.0.113.189
191 }
192 namo.corp.example.com = {
193 type = ptserver
194 address = 2001:db8:123::8888
195 address = 203.0.113.88
196 }
197 }
198 }
199 rivendell.example.com = {
201 description = "Last Homely Cell"
202 servers = {
203 elrond.rivendell.example.com = {
204 address = 192.0.2.23
205 }
206 arwen.rivendell.example.com = {
207 address = 192.0.2.75
208 }
209 }
210 }
211
213 kafs(7), kafs-check-config(8), systemd(1)
214Linux 17 Apr 2019 KAFS-CLIENT.CONF(5)