Getting Started on HP-UX Systems

Begin by building AFS modifications into a new kernel; HP-UX does not support dynamic loading. Then create partitions for storing AFS volumes, and install and configure the AFS-modified fsck program to run on AFS server partitions. If the machine is to remain an AFS client machine, incorporate AFS into the machine's Pluggable Authentication Module (PAM) scheme.

Building AFS into the HP-UX Kernel

Use the following instructions to build AFS modifications into the kernel on an HP-UX system.

  1. Move the existing kernel-related files to a safe location.

       # cp /stand/vmunix /stand/vmunix.noafs
       # cp /stand/system /stand/system.noafs
    
  2. Unpack the OpenAFS HP-UX distribution tarball. The examples below assume that you have unpacked the files into the /tmp/afsdist directory. If you pick a different location, substitute this in all of the following examples. Once you have unpacked the distribution, change directory as indicated.

       # cd /tmp/afsdist/hp_ux110/dest/root.client
    
  3. Copy the AFS initialization file to the local directory for initialization files (by convention, /sbin/init.d on HP-UX machines). Note the removal of the .rc extension as you copy the file.

       # cp usr/vice/etc/afs.rc  /sbin/init.d/afs
    
  4. Copy the file afs.driver to the local /usr/conf/master.d directory, changing its name to afs as you do.

       # cp  usr/vice/etc/afs.driver  /usr/conf/master.d/afs
    
  5. Copy the AFS kernel module to the local /usr/conf/lib directory.

    If the machine's kernel supports NFS server functionality:

       # cp bin/libafs.a /usr/conf/lib   
    

    If the machine's kernel does not support NFS server functionality, change the file's name as you copy it:

       # cp bin/libafs.nonfs.a /usr/conf/lib/libafs.a
    
  6. Incorporate the AFS driver into the kernel, either using the SAM program or a series of individual commands.

    • To use the SAM program:

      1. Invoke the SAM program, specifying the hostname of the local machine as local_hostname. The SAM graphical user interface pops up.

           # sam -display local_hostname:0 
        
      2. Choose the Kernel Configuration icon, then the Drivers icon. From the list of drivers, select afs.

      3. Open the pull-down Actions menu and choose the Add Driver to Kernel option.

      4. Open the Actions menu again and choose the Create a New Kernel option.

      5. Confirm your choices by choosing Yes and OK when prompted by subsequent pop-up windows. The SAM program builds the kernel and reboots the system.

      6. Login again as the superuser root.

           login: root
           Password: root_password
        
    • To use individual commands:

      1. Edit the file /stand/system, adding an entry for afs to the Subsystems section.

      2. Change to the /stand/build directory and issue the mk_kernel command to build the kernel.

           # cd /stand/build
           # mk_kernel
        
      3. Move the new kernel to the standard location (/stand/vmunix), reboot the machine to start using it, and login again as the superuser root.

           # mv /stand/build/vmunix_test /stand/vmunix
           # cd /
           # shutdown -r now             
           login: root
           Password: root_password
        

Configuring Server Partitions on HP-UX Systems

Every AFS file server machine must have at least one partition or logical volume dedicated to storing AFS volumes. Each server partition is mounted at a directory named /vicepxx, where xx is one or two lowercase letters. The /vicepxx directories must reside in the file server machine's root directory, not in one of its subdirectories (for example, /usr/vicepa is not an acceptable directory location). For additional information, see Performing Platform-Specific Procedures.

  1. Create a directory called /vicepxx for each AFS server partition you are configuring (there must be at least one). Repeat the command for each partition.

       # mkdir /vicepxx
    
  2. Use the SAM program to create a file system on each partition. For instructions, consult the HP-UX documentation.

  3. On some HP-UX systems that use logical volumes, the SAM program automatically mounts the partitions. If it has not, mount each partition by issuing either the mount -a command to mount all partitions at once or the mount command to mount each partition in turn.

Configuring the AFS-modified fsck Program on HP-UX Systems

In this section, you make modifications to guarantee that the appropriate fsck program runs on AFS server partitions. The fsck program provided with the operating system must never run on AFS server partitions. Because it does not recognize the structures that the File Server uses to organize volume data, it removes all of the data. To repeat:

Never run the standard fsck program on AFS server partitions. It discards AFS volumes.

On HP-UX systems, there are several configuration files to install in addition to the AFS-modified fsck program (the vfsck binary).

  1. Create the command configuration file /sbin/lib/mfsconfig.d/afs. Use a text editor to place the indicated two lines in it:

       format_revision 1
       fsck            0        m,P,p,d,f,b:c:y,n,Y,N,q,
    
  2. Create and change directory to an AFS-specific command directory called /sbin/fs/afs.

       # mkdir /sbin/fs/afs
       # cd  /sbin/fs/afs
    
  3. Copy the AFS-modified version of the fsck program (the vfsck binary) and related files from the distribution directory to the new AFS-specific command directory.

       # cp -p /tmp/afsdist/hp_ux110/dest/root.server/etc/*  .
    
  4. Change the vfsck binary's name to fsck and set the mode bits appropriately on all of the files in the /sbin/fs/afs directory.

       # mv  vfsck  fsck
       # chmod  755  *
    
  5. Edit the /etc/fstab file, changing the file system type for each AFS server partition from hfs to afs. This ensures that the AFS-modified fsck program runs on the appropriate partitions.

    The sixth line in the following example of an edited file shows an AFS server partition, /vicepa.

       /dev/vg00/lvol1 / hfs defaults 0 1
       /dev/vg00/lvol4 /opt hfs defaults 0 2
       /dev/vg00/lvol5 /tmp hfs defaults 0 2
       /dev/vg00/lvol6 /usr hfs defaults 0 2
       /dev/vg00/lvol8 /var hfs defaults 0 2
       /dev/vg00/lvol9 /vicepa afs defaults 0 2
       /dev/vg00/lvol7 /usr/vice/cache hfs defaults 0 2
    
  6. If you plan to retain client functionality on this machine after completing the installation, proceed to Enabling AFS Login on HP-UX Systems. Otherwise, proceed to Starting the BOS Server.

Enabling AFS Login on HP-UX Systems

Note

If you plan to remove client functionality from this machine after completing the installation, skip this section and proceed to Starting the BOS Server.

At this point you incorporate AFS into the operating system's Pluggable Authentication Module (PAM) scheme. PAM integrates all authentication mechanisms on the machine, including login, to provide the security infrastructure for authenticated access to and from the machine.

In modern AFS installations, you should be using Kerberos v5 for user login, and obtaining AFS tokens subsequent to this authentication step. OpenAFS does not currently distribute a PAM module allowing AFS tokens to be automatically gained at login. Whilst there are a number of third party modules providing this functionality, it is not know if these have been tested with HP/UX.

Following login, users can obtain tokens by running the aklog command

Sites which still require kaserver or external Kerberos v4 authentication should consult Enabling kaserver based AFS login on HP-UX systems for details of how to enable HP-UX login.

Proceed to Starting the BOS Server (or if referring to these instructions while installing an additional file server machine, return to Starting Server Programs).