1KAFS-CLIENT.CONF(5)           kAFS Configuration           KAFS-CLIENT.CONF(5)
2
3
4

NAME

6       /etc/kafs/client.conf
7       /etc/kafs/client.d/ - kAFS filesystem configuration
8

DESCRIPTION

10       Configuration information for the in-kernel kAFS filesystem can be pro‐
11       vided in the /etc/kafs/ directory.  This may include the following:
12
13              - A list of cells to be preconfigured
14
15              - Fallback addresses for each cell.
16
17              - The name of the default cell (the @cell substitution).
18
19              - A list of strings for the @sys substitution.
20
21       When the afs.mount service is started by  systemd(1),  a  configuration
22       service  (kafs-config.service)  runs  first and loads the configuration
23       into the kernel from the client.conf file.  This contains directives to
24       include  other  things, such as the contents of the client.d/ directory
25       and the generic public cell database.
26
27       Once the afs.mount service is started (or if an AFS volume is  manually
28       mounted), if a mountpoint is triggered, the kernel will upcall by means
29       of request-key(8) to look up addresses for the Volume Location  servers
30       for the named cell.  This will also parse the configuration.
31
32

CONFIGURATION FILE FORMAT

34       The file format is based on the MIT Kerberos configuration file format.
35       There are a couple of general directives:
36
37       include /path/to/file
38              This includes the contents of the named file  in  the  parse  at
39              this point.
40
41       includedir /path/to/dir/
42              This  includes  the files in the named directory in the parse at
43              this point.  Files that have names beginning with "." or  ending
44              with "~" are ignored.
45
46       Leading  and trailing whitespace on a line is ignored.  Any line other‐
47       wise beginning with  a  "#"  character  is  considered  a  comment  and
48       ignored.
49
50       Any  line  that  contains  a  label  bounded  by  square brackets, e.g.
51       "[cells]", by itself on that line denotes a switch to the section spec‐
52       ified by that label.
53
54       Configuration  data  is specified within a named section as a series of
55       key=value pairs, where a value may  be  one  of  nothing,  an  unquoted
56       string,  a quoted string or a braced lists containing further key=value
57       pairs.  Whitespace either side of the "=" symbol is ignored.
58
59       For example:
60
61              [cells]
62              rivendell.example.com = {
63                   description = "Last Homely Cell"
64                   use_dns = yes
65                   servers = {
66                        elrond.rivendell.example.com = {
67                             address = 192.0.2.23
68                        }
69                   }
70              }
71
72       If two or more consecutive clauses specify  values  for  the  same  key
73       sequence  (so  cells:rivendell.example.com:use_dns,  for example), then
74       they are merged together to form a single list.  If a single  value  is
75       expected  for  a  configuration  item,  the last element in the list is
76       taken.
77
78       To prevent  overriding  by  subsequent  conflicting  configuration,  an
79       asterisk  can  be  placed  after  the closing brace in a braced list to
80       indicate that that list is closed, for example:
81
82              [cells]
83              rivendell.example.com = {
84                   description = "Foo"
85                   use_dns = no
86              }*
87
88       Strings that are intepreted as boolean values are classed as  false  if
89       they  match  one  of  0, f, false, n, no or off, and classed as true if
90       they match one off 1, t, true, y, yes or on.  The match  is  case-inde‐
91       pendent.
92
93

GENERAL SETTINGS

95       The first section contains general system-level settings shared between
96       all utilities and the kernel.  This is denoted  by  the  section  label
97       "[defaults]".
98
99       The  system settings that may be changed are configured in this section
100       with the following key-value pairs:
101
102       thiscell = <cellname>
103              This sets the name of the local cell.  This will be used to con‐
104              figure  the  @cell  path  substitution  and will also supply the
105              default cellname for aklog-kafs(1).
106
107       sysname = [<systype>]*
108              This specifies a (potentially empty) list of strings  which  the
109              kernel  should  attempt  to substitute in turn for "@sys" at the
110              end of a filename until a match is found.
111
112
113

CELL DEFINITIONS

115       The second section contains a list of preconfigured cells, to  be  used
116       in  preloading  the  cell  list in /afs and also to provide fallback or
117       override address data for locating Volume Location  servers.   This  is
118       denoted by the section label "[cells]".
119
120       Within  the  cell  list,  each  cell is declared with a key=value pair,
121       where the key is the name of the cell and the value is  a  braced  list
122       indicating the details, e.g.:
123
124              [cells]
125              rivendell.example.com = {
126                   ...
127              }
128
129       A  cell definition may contain any number of key=value pairs.  The keys
130       that are taken note of are:
131
132       description = <string>
133              This is a text description for the cell.
134
135       show_cell = <boolean>
136              Whether a cell should be shown in /afs.
137
138       use_dns = <boolean>
139              Whether address look ups for a cell may use the DNS.
140
141       kerberos_realm = <string>
142              The name of the Kerberos realm to use for a cell by default.
143
144       servers = { ... }
145              A list of servers for the cell, where each element in  the  list
146              is  a  key=value pair, where the key is the name of a server and
147              the value is a braced section of the details for that server.
148
149       The elements in the list of server details attached to each server  can
150       comprise the following keys:
151
152       type = vlserver
153              The  server  is  an  AFS  Volume  Location  server.  This is the
154              default.
155
156       type = ptserver
157              The server is an AFS Protection server.
158
159       address = [<protocol>/]<address>[:<port>]
160              Specify a single address for a server.  The address is  required
161              and  can  be  a single IPv4 or a single IPv6 address, and may be
162              brackets with square brackets (to avoid confusion with the  port
163              number, if specified).  The protocol is optional; currently only
164              udp is supported.  The port is also optional and may  be  speci‐
165              fied  to  change  the  UDP  port from the default for the server
166              type.
167
168
169

EXAMPLE

171       [defaults]
172       thiscell = rivendell.example.com
173       sysname = fedora28_x86 amd64_linux
174
175       [cells]
176       corp.example.com = {
177            description = "Valinor Corporation cell"
178            use_dns = yes
179            servers = {
180                 manwe.corp.example.com = {
181                      address = 2001:db8:123::13
182                      address = 203.0.113.19
183                 }
184                 ulmo.corp.example.com = {
185                      address = [2001:db8:123::750c:1234]:6666
186                      address = 203.0.113.3:6666
187                 }
188                 aule.corp.example.com = {
189                      address = udp/[2001:db8:123::abcd:9090]
190                      address = udp/203.0.113.189
191                 }
192                 namo.corp.example.com = {
193                      type = ptserver
194                      address = 2001:db8:123::8888
195                      address = 203.0.113.88
196                 }
197            }
198       }
199
200       rivendell.example.com = {
201            description = "Last Homely Cell"
202            servers = {
203                 elrond.rivendell.example.com = {
204                      address = 192.0.2.23
205                 }
206                 arwen.rivendell.example.com = {
207                      address = 192.0.2.75
208                 }
209            }
210       }
211

SEE ALSO

213       kafs(7), kafs-check-config(8), systemd(1)
214
215
216
217Linux                             17 Apr 2019              KAFS-CLIENT.CONF(5)
Impressum