AFS for Macintosh OS X

Reviewed by bil, 01.29.2018


How to setup AFS for OS X

Installing and setting up openAFS on OS X is pretty straightforward. You need to install the AFS client, configure it for our cell.

Auristor is the company that has taken over development of the afs client, the installer can be found here:

You will have to scroll through their terms and conditions and also register in advance before you can download the client When you run the installer, you will be prompted for the name of our cell, that is

Once you have installed the client, open a terminal and run:

kinit your-cs-id@CSX.UNC.EDU


If you login successfully, you can see your Kerberos tickets with


And your afs tokens:


To get to AFS in the terminal run

open /afs/

And to open your home dir:

open /afs/


Warning, this section below is left for historical purposes and doesn’t apply any longer

Install OpenAFS

First, download the openAFS package, generally the one you want is the Maintenance Release, as that is considered the most stable version. Run the installer. Then open and check the following:

  1. Change directories to /var/db/openafs/etc
    cd /var/db/openafs/etc
  2. Use vi or pico to open the ThisCell file. This file should contain only one line, with
    sudo vi ThisCell
  3. Copy the CellServDB file to CellServDB.orig
    sudo cp ./CellServDB ./CellServDB.orig
  4. Use vi or pico to make a new CellServDB file
    sudo vi CellServDB
  5. Put the following in the CellServDB file
    > # University of North Carolina Project Isis
    >     #Cell name
  6. Save the file and reboot. You should have an AFS running and be able to access the cell

Install Kerberos extras

In spring of 2011, we took down the older kaserver, so the old method of authenticating via klog no longer works. Instead, we authenticate against our CSX.UNC.EDU kerberos realm, and once we have a ticket from there, we use aklog to get access to AFS based on that ticket. OS X comes with kerberos, but MIT provides an addon package, Kerberos Extras, that extends the basic functionality. The configuration file for kerberos is /Library/Preferences/, and that needs to be edited to include information about our kerberos servers and those of campus. To simplify this, bil put together a small installer that will install the kerberos extras, configure the file, and copy a script named afs to /usr/local/bin (if it exists) or /usr/bin.

  1. Download the file
  2. Double click on it to unpack it.
  3. Open a Terminal window, and cd into the klog_replacement directory (you can drag the folder into the terminal window to copy that path into terminal, so type “cd[space]”, then drag the folder).
  4. Run the installer
  5. sudo ./

At this point, you should see the kerberos extras install. Once it’s complete, you should be able to type “afs” in a terminal window and be prompted for your CS password. If everything works as expected, you’ll get a ticket in the kerberos realm and a token.