[3022] in testers
Re: setpag
daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Jul 22 16:04:24 1996
To: bdrosen@MIT.EDU
Cc: testers@MIT.EDU
In-Reply-To: Your message of "Mon, 22 Jul 1996 16:01:24 EDT."
<9607222001.AA01309@cogsworth.MIT.EDU>
Date: Mon, 22 Jul 1996 16:04:09 EDT
From: Greg Hudson <ghudson@MIT.EDU>
AFS keeps trag of process authentication groups via two group entries.
If you're in more than 14 groups (including your primary group), then
setpag() will fail.
There's no way around this without modifyin libc, AFS, or the kernel.
(The various Athena login programs should do a better job of not
putting you in too many groups when you're in local groups; that's an
item on my list, but not for the 8.0 release.)
> The user then ftps in to the workstation via the athena ftpd, (has
> krb tix) and attaches a locker. When the user quits the ftp session,
> the tokens from the login session are removed too . (fsid -u )
Quite understandable; if AFS can't put you in a PAG, it indexes your
tokens by uid, so when ftpd revokes your tokens, it gets the ones for
your login session as well.
