[522] in arla-drinkers
RE: Arla 0.20 and linux 2.2-pre9, misc problems, probably not ker
daemon@ATHENA.MIT.EDU (Neulinger, Nathan R.)
Sun Jan 24 16:17:06 1999
From owner-arla-drinkers@stacken.kth.se Sun Jan 24 21:17:05 1999
Return-Path: <owner-arla-drinkers@stacken.kth.se>
Delivered-To: arla-drinkers-mtg@bloom-picayune.mit.edu
Received: (qmail 1642 invoked from network); 24 Jan 1999 21:17:04 -0000
Received: from unknown (HELO sundance.stacken.kth.se) (130.237.234.41)
by bloom-picayune.mit.edu with SMTP; 24 Jan 1999 21:17:04 -0000
Received: (from majordom@localhost)
by sundance.stacken.kth.se (8.8.8/8.8.8) id WAA12481
for arla-drinkers-list; Sun, 24 Jan 1999 22:12:25 +0100 (MET)
Received: from umr.edu (hermes.cc.umr.edu [131.151.1.68])
by sundance.stacken.kth.se (8.8.8/8.8.8) with ESMTP id WAA12477;
Sun, 24 Jan 1999 22:12:20 +0100 (MET)
Received: from umr-mail01.cc.umr.edu (umr-mail01.cc.umr.edu [131.151.37.121]) via ESMTP by hermes.cc.umr.edu (8.8.7/R.4.20) id PAA24905; Sun, 24 Jan 1999 15:12:18 -0600 (CST)
Received: by umr-mail01.cc.umr.edu with Internet Mail Service (5.5.2232.9)
id <DQ2R7S3Q>; Sun, 24 Jan 1999 15:12:27 -0600
Message-ID: <9DA8D24B915BD1118911006094516EAF019C7E77@umr-mail02.cc.umr.edu>
From: "Neulinger, Nathan R." <nneul@umr.edu>
To: "'Magnus Ahltorp'" <map@stacken.kth.se>
Cc: arla-drinkers@stacken.kth.se
Subject: RE: Arla 0.20 and linux 2.2-pre9, misc problems, probably not ker
nel specific
Date: Sun, 24 Jan 1999 15:12:17 -0600
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2232.9)
Content-Type: text/plain;
charset="ISO-8859-1"
Sender: owner-arla-drinkers@stacken.kth.se
Precedence: bulk
> -----Original Message-----
> From: Magnus Ahltorp [mailto:map@stacken.kth.se]
> Sent: Sunday, January 24, 1999 2:58 PM
> To: Neulinger, Nathan R.
> Cc: arla-drinkers@stacken.kth.se
> Subject: Re: Arla 0.20 and linux 2.2-pre9, misc problems, probably not
> kernel specific
>
>
> > It seems to be working ok for me.
>
> Great.
>
> > I do notice one problem. It appears that Arla treats PAG's
> differently than
> > transarc's AFS. If I do an su to root while logged in, with
> a token, I no
> > longer have the token, or the pag, in the su'd session:
>
> That is because your su throws away the secondary groups:
>
> > infinity(49)>id
> > uid=5879(nneul) gid=5000(afsuser) groups=33536,32512,5000(afsuser)
> > infinity(50)>su -
> > Password:
> > [root@infinity /root]# id
> > uid=0(root) gid=0(root)
> > groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
>
> Here, the 33536,32512 has been thrown away, and therefore you are
> assumed to be in the default PAG.
Right, but it didn't do that before. It's possible that it is a change in
the kernel from
2.0.35 to 2.2.
I have another machine running 2.0.35 with transarc's code, and the same
su/ksu. Both perform correctly on that machine.
>
> > Yes, I am using a mixture of transarc excutables and AFS,
> but only to
> > demonstrate the problem. Might be good if arla included a
> tokens executable.
> > Probably is easy enough to write, in fact, I believe I have
> the code lying
> > around somewhere to do it.
>
> If you use the kth-krb kerberos distribution, your klist is able to do
> this (klist -T).
Nope, running krb5 with hornstein's patches.
-- Nathan
