[1193] in Moira
Re: acl problem
daemon@ATHENA.MIT.EDU (Jonathon Weiss)
Tue Oct 20 01:57:22 1998
From: Jonathon Weiss <jweiss@MIT.EDU>
To: "Mark V. Silis" <mvsilis@MIT.EDU>
Cc: bug-moira@MIT.EDU, zacheiss@MIT.EDU
In-Reply-To: Your message of "Mon, 19 Oct 1998 22:26:52 EDT."
<199810200226.WAA23454@nwo.mit.edu>
Date: Tue, 20 Oct 1998 01:57:14 EDT
> So today mike added garry's and my dbadmin instances to the moira-ops
> list as KERBEROS:mvsilis.dbadmin. We were told that it does not need
> the @ATHENA.MIT.EDU and should just deal. When we tried to do something
> later on with dbadmin tickets it gave us Insufficent access messages.
> Once we were added with the full kerberos principal it works fine.
I was only 1/2 listening to this conversation when it was occuring.
To my knowelge this has never worked, and I'm not convinced we'd want
it to. What I thought I heard during the conversation is that discuss
would DTRT (which is assume ATHENA.MIT.EDU and add that to the ACL
(not add the user without out the realm to the ACL and guess what
realm is right at access time)), but like I said I was only half
listening to the conversation at the time.
Jonathon
