[This is a still-under-construction rewrite of the afssync instructions, adapted to the Ingres/Maxine -> Oracle/SPARC port, and is also being updated and simplified.] The executables are in /moira/bin/ on the moira server, with sources in /mit/moiradev/src/afssync/. Most of the commands are run on the Moira server. FULL INSTRUCTIONS ("SUMMARY" is below) #### This is preparation for the resync, to save non-Moira users. #### First, get a recent copy of the prdb, and extract non-Moira entries: /moira/bin/udebug orf -port 7002 rcp root@orf:/usr/afs/db/prdb.DB0 /var/prdb.old /moira/bin/udebug orf -port 7002 If the two udebugs show that the version changed, lather-rinse-repeat. (udebug can be found in afsuser; "orf" here and below is some DB server) (Also check for "0 of them for write" at the end. It might matter.) /moira/bin/pt_util -x -m -u -g -d /var/prdb.extra -p /var/prdb.old perl /moira/bin/pt_util.pl < /var/prdb.extra > /var/prdb.extra.sort to extract and prepare the personal groups and special user entries in the old prdb for being reincorporated into the new prdb. awk '/^[^ ][^:]*@/ {printf "KERBEROS:%s\n",$1}' prdb.extra > foreign blanche afs-foreign-users -f foreign Get a list of all the @andrew.cmu.edu type (non- athena.mit.edu cell) users, and sync the Moira list afs-foreign-users to this list. Moira then adds those entries to the group system:afs-foreign-users, thus keeping them from being lost in the prdb resync. awk '/^[^ ][^:@]*$/ {printf "KERBEROS:%s\n",$1}' prdb.extra > oddities echo "LIST:afs-foreign-users" >> oddities blanche afs-odd-entities -f oddities Do the equivalent of afs-foreign-users for domestic users. We make the afs-foreign-users list a member of the more general afs-odd-entities. WAIT for the incremental updates from the `blanche` changes to complete. #### Now the actual resync begins. Incremental updates must stop. #### touch /moira/afs/noafs to disable AFS incremental updates during the synchronization. The afs.incr (?) will wait 30 minutes on an incremental update before timing out, so the resync should complete in that time, or list changes in Moira might need to be propagated by hand. /moira/bin/afssync /var/prdb.moira to dump the prdb data that is in Moira (users, groups, and group memberships). This step takes about ten minutes, but can be done concurrently with the next few steps. REPEAT the first two sets of commands, above, thus regenerating prdb.extra from a now completely-up-to-date prdb. *** Make sure the "afssync" command has completed *** cp /var/prdb.moira /var/prdb.new /moira/bin/pt_util -w -d /var/prdb.extra.sort -p /var/prdb.new This use of pt_util will presumably log errors about failed user creations and list additions. (To start over, do both the `cp` and `pt_util` again.) You can filter out the "User or group doesn't exist" type of lines that were caused by a user deactivation with something like: awk -F\| '$8 == 3 {print $1}' /backup/backup_1/users > /tmp/deactivated perl -e 'for(cat /tmp/deactivated`){ chop; $ex{$_}=1;} \ foreach $L (`cat prdb.extra.err`){ $f=0; \ @w=split(/[ :]/,$L); for(@w){ $f=1 if $ex{$_}; } \ next if $f; print $L; }' Now, back to the resync. pts listmax > /var/prdb.listmax foreach i ( ) bos shutdown $i ptserver bos exec $i "rm /usr/afs/db/prdb.DB*; mv /usr/afs/db/prdb.new /usr/afs/db/prdb.DB0" end foreach i ( ) bos restart $i ptserver end /moira/bin/udebug prill -port 7002 to watch the status of the servers to make sure things are going well, where "prill" is preferred db server (the sync site). Make sure the beacons are working, and that once quorom is established (~90 seconds) that the servers are resynchronizing their notions of the databases and that the "dbcurrent" and "up" fields all become set and the state goes to "1f". Also, if "sdi" isn't running, watch out for large rx packet queues on port 7002 using rxdebug, as the fileservers may get excessively backlogged, and restart servers, if necessary, if the congestion remains excessive. pts listmax cat /var/prdb.listmax and if the id maxima are lower than the saved ones, reset them appropriately to the saved ones using `pts setmax`. pts ex system:administrators as a good spot check, especially since it has special people. (also spot check one of the personal groups and perhaps, something like the membership of rcmd.ronald-ann) rm /moira/afs/noafs to remove the lock file and let Moira's afs incrementals continue. NOTES 1. Don't do this when you're tired... There may be no cleanup procedure available, with certain mistakes. 2. /moira/afs/noafs is only good for 30 minutes. Keep track of the critical log, and you may have to do some operations by hand when the operation is complete. Also, if requests depend on other requests, they may be processed out of order, and fail, and may need to be done by hand. SUMMARY # db servers with sync site first: set db=(prill agamemnon chimera orf) set u="/moira/bin/udebug -port 7002 -server" set prefix="/moira/sync/prdb" cd `dirname $prefix` ####### The following DOES NOT WORK currently. pt_util needs fixing #### BEFORE Moira and afs.incr are closed off: # repeat as necessary: $u $db[2]; rcp root@$db[2]\:/usr/afs/db/prdb.DB0 $prefix.old; $u $db[2] /moira/bin/pt_util -x -m -u -g -d $prefix.extra -p $prefix.old awk '/^[^ ][^:]*@/ {printf "KERBEROS:%s\n",$1}' $prefix.extra > extra.foreign blanche afs-foreign-users -f extra.foreign awk '/^[^ ][^:@]*$/ {printf "KERBEROS:%s\n",$1}' $prefix.extra > extra.domestic echo "LIST:afs-foreign-users" >> extra.domestic blanche afs-odd-entities -f extra.domestic #### WAIT for the above afs.incr events to take place (see moira.log) touch /moira/afs/noafs /moira/bin/afssync $prefix.moira >& $prefix.afssync.err & # repeat as necessary: $u $db[2]; rcp root@$db[2]\:/usr/afs/db/prdb.DB0 $prefix.old; $u $db[2] /moira/bin/pt_util -x -m -u -g -d $prefix.extra -p $prefix.old perl /moira/bin/pt_util.pl < $prefix.extra > $prefix.extra.sort wait more $prefix.afssync.err cp $prefix.moira $prefix.new /moira/bin/pt_util -w -d $prefix.extra.sort -p $prefix.new >& $prefix.extra.err # and review $prefix.extra.err pts listmax > $prefix.listmax set dbdir=/usr/afs/db foreach i ( $db ) echo "$i..." rcp -px $prefix.new ${i}:$dbdir end foreach i ( $db ) bos shutdown $i ptserver bos exec $i "rm $dbdir/prdb.DB*; mv $dbdir/prdb.new $dbdir/prdb.DB0" end foreach i ( $db ) bos restart $i ptserver end # checks, etc: $u $db[1] ######## more on checks rm /moira/afs/noafs