[2719] in testers
7.7M Release for the Suns; tokens/groups problem
daemon@ATHENA.MIT.EDU (cfields@MIT.EDU)
Thu Dec 29 06:48:16 1994
From: cfields@MIT.EDU
Date: Thu, 29 Dec 1994 06:47:12 -0500
To: bert@MIT.EDU, cfields@MIT.EDU, coc@MIT.EDU, dkk@MIT.EDU, edward@MIT.EDU,
f_l@MIT.EDU, jweiss@MIT.EDU, miki@MIT.EDU, probe@MIT.EDU,
tytso@MIT.EDU, vrt@MIT.EDU, wchuang@MIT.EDU, wdc@MIT.EDU
Cc: salemme@MIT.EDU, mhbraun@MIT.EDU, testers@MIT.EDU
If you find after you log in to your recently updated 7.7M Sun
workstation that you do not have AFS tokens, you need to do the
following to fix it permenantly (temporarily you may just run aklog):
su to root
cp /etc/group.local /etc/group
logout and log back in. (Make sure that you have not seeded your
group.local file with yourself (or anyone) in more than 13 groups. If
you don't know what I'm talking about, then you don't have to worry
about it.)
What's the problem here?
By enabling setpag on the Sun, NGROUPS (the maximum number of groups
AFS can happily be told you are in) was lowered as of this patch
release. However, it is possible that the /etc/group file on your
workstation remembers more groups than are now allowed (which will be
the case if reactivate has not run since you last logged out, and you
are "in too many groups"). If this is so, after xlogin obtains
authentication for you, its action of adding your groups will destroy
your tokens. (Or something like that. I'm not actually familiar with
the gory details of AFS.)
The real bug here is that the group is not cleaned up on reboot.
I must say this was quite a lot of fun to track down.
Craig
