[531] in arla-drinkers
Re: [Fwd: Arla 0.20 and linux 2.2-pre9, misc problems, probably n ot kernel specific]
daemon@ATHENA.MIT.EDU (Derek Atkins)
Mon Jan 25 13:26:37 1999
From owner-arla-drinkers@stacken.kth.se Mon Jan 25 18:26:37 1999
Return-Path: <owner-arla-drinkers@stacken.kth.se>
Delivered-To: arla-drinkers-mtg@bloom-picayune.mit.edu
Received: (qmail 19929 invoked from network); 25 Jan 1999 18:26:36 -0000
Received: from unknown (HELO sundance.stacken.kth.se) (130.237.234.41)
by bloom-picayune.mit.edu with SMTP; 25 Jan 1999 18:26:36 -0000
Received: (from majordom@localhost)
by sundance.stacken.kth.se (8.8.8/8.8.8) id TAA01461
for arla-drinkers-list; Mon, 25 Jan 1999 19:22:00 +0100 (MET)
Received: from elixir.e.kth.se (1073744992@elixir.e.kth.se [130.237.48.5])
by sundance.stacken.kth.se (8.8.8/8.8.8) with ESMTP id TAA01455
for <arla-drinkers@stacken.kth.se>; Mon, 25 Jan 1999 19:21:56 +0100 (MET)
Received: from hummel.e.kth.se (hummel.e.kth.se [130.237.43.135])
by elixir.e.kth.se (8.9.2/8.9.2) with ESMTP id TAA19308
for <arla-drinkers@stacken.kth.se>; Mon, 25 Jan 1999 19:21:56 +0100 (MET)
Received: (from lha@localhost)
by hummel.e.kth.se (8.9.2/8.9.2) id TAA09657
for arla-drinkers@stacken.kth.se; Mon, 25 Jan 1999 19:19:48 +0100 (MET)
Received: from MIT.EDU (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.69.0.28])
by sundance.stacken.kth.se (8.8.8/8.8.8) with SMTP id TAA01309
for <arla-drinkers@stacken.kth.se>; Mon, 25 Jan 1999 19:19:14 +0100 (MET)
Received: from DATKINS.IHTFP.ORG by MIT.EDU with SMTP
id AA21055; Mon, 25 Jan 99 13:19:28 EST
Received: by datkins.ihtfp.org (8.8.7/4.7) id NAA01082; Mon, 25 Jan 1999 13:18:58 -0500
To: "Neulinger, Nathan R." <nneul@umr.edu>
Cc: "'arla-drinkers@stacken.kth.se'" <arla-drinkers@stacken.kth.se>
Subject: Re: [Fwd: Arla 0.20 and linux 2.2-pre9, misc problems, probably n ot kernel specific]
References: <9DA8D24B915BD1118911006094516EAF019C7E85@umr-mail02.cc.umr.edu>
From: Derek Atkins <warlord@mit.edu>
Date: 25 Jan 1999 13:18:58 -0500
In-Reply-To: "Neulinger, Nathan R."'s message of Mon, 25 Jan 1999 12:11:05 -0600
Message-Id: <sjmpv835i7h.fsf@datkins.ihtfp.org>
Lines: 229
X-Mailer: Gnus v5.3/Emacs 19.34
Sender: owner-arla-drinkers@stacken.kth.se
Precedence: bulk
I think you misunderstand -- it doesn't run 'setpag()' -- it runs an
internal routine that sets the PAG in the grouplist from the actual
PAG information... Basically, it grabs the PAG, runs setgroups, and
then resets the PAG.
-derek
"Neulinger, Nathan R." <nneul@umr.edu> writes:
>
> Thanks Derek. This at least points me in a direction that I can look at.
>
> If nothing else, it's a relatively easy hack to have ksu setpag() and aklog
> after switching id's.
>
> -- Nathan
>
> ------------------------------------------------------------
> Nathan Neulinger EMail: nneul@umr.edu
> University of Missouri - Rolla Phone: (573) 341-4841
> Computing Services Fax: (573) 341-4216
>
> > -----Original Message-----
> > From: Derek Atkins [mailto:warlord@MIT.EDU]
> > Sent: Monday, January 25, 1999 10:17 AM
> > To: "Neulinger"@MIT.EDU
> > Cc: Nathan R." <Nathan.R."; 'arla-drinkers@stacken.kth.se'
> > Subject: Re: [Fwd: Arla 0.20 and linux 2.2-pre9, misc
> > problems, probably
> > n ot kernel specific]
> >
> >
> > Unfortunately I used Transarc's standard replacement for initgroups,
> > so no, I cannot release it. Sorry. Actually, its a replacement for
> > the setgroups system call, not initgroups... Basically it sets the
> > groups and then checks to see if a setpag had already been done in
> > which case it re-adds the Pag to the grouplist.
> >
> > -derek
> >
> > "Neulinger, Nathan R." <nneul@umr.edu> writes:
> >
> > >
> > > > -----Original Message-----
> > > > From: Derek Atkins [mailto:warlord@MIT.EDU]
> > > > Sent: Monday, January 25, 1999 9:13 AM
> > > > To: Nathan Neulinger
> > > > Cc: kenh@cmf.nrl.navy.mil
> > > > Subject: Re: [Fwd: Arla 0.20 and linux 2.2-pre9, misc
> > > > problems, probably
> > > > not kernel specific]
> > > >
> > > >
> > > > Linux-AFS replaces the 'initgroups' system call, does
> > Arla does the
> > > > same? I don't know how the Linux-2.2 version of AFS (which is
> > > > Transarc 3.5) will behave. I doubt it is a kernel change.
> > >
> > > I figured it did something like that.
> > >
> > > I verified that a simple initgroups() test fails on 2.2 and
> > works on 2.0.35
> > > (well, behaves the way I want anyway).
> > >
> > > Is your replacement for initgroups() something you can
> > release, given that
> > > it was not intrinsic to transarc's code? Arla already
> > preloads getcwd.so,
> > > should be easy enough to add another one to do initgroups().
> > >
> > > > Check Arla on 2.0.35 and see if it works there.
> > > >
> > > > -derek
> > > >
> > > > Nathan Neulinger <nneul@umr.edu> writes:
> > > >
> > > > >
> > > > > This is a multi-part message in MIME format.
> > > > > --------------9E78052BF545843A7AB710B7
> > > > > Content-Type: text/plain; charset=us-ascii
> > > > > Content-Transfer-Encoding: 7bit
> > > > >
> > > > > Hey guys.
> > > > >
> > > > > I just sent this to the arla list. Got any suggestions on
> > > > how to clean
> > > > > this up in krb5 (or elsewhere) in some way that is not
> > just a really
> > > > > ugly hack?
> > > > >
> > > > > This will no doubt affect use with transarc's client as well.
> > > > >
> > > > > How is this handled on other architectures? Or is
> > initgroups() just
> > > > > broken everywhere?
> > > > >
> > > > > -- Nathan
> > > > >
> > > > > ------------------------------------------------------------
> > > > > Nathan Neulinger EMail: nneul@umr.edu
> > > > > University of Missouri - Rolla Phone: (573) 341-4841
> > > > > Computing Services Fax: (573) 341-4216
> > > > > --------------9E78052BF545843A7AB710B7
> > > > > Content-Type: message/rfc822
> > > > > Content-Transfer-Encoding: 7bit
> > > > > Content-Disposition: inline
> > > > >
> > > > > Received: from umr.edu (hermes.cc.umr.edu [131.151.1.68])
> > > > by umr-mail01.cc.umr.edu with SMTP (Microsoft Exchange
> > > > Internet Mail Service Version 5.5.2232.9)
> > > > > id DQ2R7SPM; Sun, 24 Jan 1999 15:23:56 -0600
> > > > > Received: from sundance.stacken.kth.se
> > > > (sundance.stacken.kth.se [130.237.234.41]) via ESMTP by
> > > > hermes.cc.umr.edu (8.8.7/R.4.20) id PAA28277; Sun, 24 Jan
> > > > 1999 15:23:43 -0600 (CST)
> > > > > Received: (from majordom@localhost)
> > > > > by sundance.stacken.kth.se (8.8.8/8.8.8) id WAA12481
> > > > > for arla-drinkers-list; Sun, 24 Jan 1999
> > 22:12:25 +0100 (MET)
> > > > > Received: from umr.edu (hermes.cc.umr.edu [131.151.1.68])
> > > > > by sundance.stacken.kth.se (8.8.8/8.8.8) with
> > ESMTP id WAA12477;
> > > > > Sun, 24 Jan 1999 22:12:20 +0100 (MET)
> > > > > Received: from umr-mail01.cc.umr.edu (umr-mail01.cc.umr.edu
> > > > [131.151.37.121]) via ESMTP by hermes.cc.umr.edu
> > > > (8.8.7/R.4.20) id PAA24905; Sun, 24 Jan 1999 15:12:18 -0600 (CST)
> > > > > Received: by umr-mail01.cc.umr.edu with Internet Mail
> > > > Service (5.5.2232.9)
> > > > > id <DQ2R7S3Q>; Sun, 24 Jan 1999 15:12:27 -0600
> > > > > Message-ID:
> > > > <9DA8D24B915BD1118911006094516EAF019C7E77@umr-mail02.cc.umr.edu>
> > > > > From: "Neulinger, Nathan R." <nneul@umr.edu>
> > > > > To: "'Magnus Ahltorp'" <map@stacken.kth.se>
> > > > > Cc: arla-drinkers@stacken.kth.se
> > > > > Subject: RE: Arla 0.20 and linux 2.2-pre9, misc problems,
> > > > probably not ker
> > > > > nel specific
> > > > > Date: Sun, 24 Jan 1999 15:12:17 -0600
> > > > > MIME-Version: 1.0
> > > > > X-Mailer: Internet Mail Service (5.5.2232.9)
> > > > > Content-Type: text/plain;
> > > > > charset="ISO-8859-1"
> > > > > Sender: owner-arla-drinkers@stacken.kth.se
> > > > > Precedence: bulk
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Magnus Ahltorp [mailto:map@stacken.kth.se]
> > > > > > Sent: Sunday, January 24, 1999 2:58 PM
> > > > > > To: Neulinger, Nathan R.
> > > > > > Cc: arla-drinkers@stacken.kth.se
> > > > > > Subject: Re: Arla 0.20 and linux 2.2-pre9, misc problems,
> > > > probably not
> > > > > > kernel specific
> > > > > >
> > > > > >
> > > > > > > It seems to be working ok for me.
> > > > > >
> > > > > > Great.
> > > > > >
> > > > > > > I do notice one problem. It appears that Arla treats PAG's
> > > > > > differently than
> > > > > > > transarc's AFS. If I do an su to root while logged in, with
> > > > > > a token, I no
> > > > > > > longer have the token, or the pag, in the su'd session:
> > > > > >
> > > > > > That is because your su throws away the secondary groups:
> > > > > >
> > > > > > > infinity(49)>id
> > > > > > > uid=5879(nneul) gid=5000(afsuser)
> > > > groups=33536,32512,5000(afsuser)
> > > > > > > infinity(50)>su -
> > > > > > > Password:
> > > > > > > [root@infinity /root]# id
> > > > > > > uid=0(root) gid=0(root)
> > > > > > >
> > groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
> > > > > >
> > > > > > Here, the 33536,32512 has been thrown away, and
> > therefore you are
> > > > > > assumed to be in the default PAG.
> > > > >
> > > > > Right, but it didn't do that before. It's possible that it
> > > > is a change in
> > > > > the kernel from
> > > > > 2.0.35 to 2.2.
> > > > >
> > > > > I have another machine running 2.0.35 with transarc's code,
> > > > and the same
> > > > > su/ksu. Both perform correctly on that machine.
> > > > >
> > > > > >
> > > > > > > Yes, I am using a mixture of transarc excutables and AFS,
> > > > > > but only to
> > > > > > > demonstrate the problem. Might be good if arla included a
> > > > > > tokens executable.
> > > > > > > Probably is easy enough to write, in fact, I believe I have
> > > > > > the code lying
> > > > > > > around somewhere to do it.
> > > > > >
> > > > > > If you use the kth-krb kerberos distribution, your klist
> > > > is able to do
> > > > > > this (klist -T).
> > > > >
> > > > > Nope, running krb5 with hornstein's patches.
> > > > >
> > > > > -- Nathan
> > > > >
> > > > > --------------9E78052BF545843A7AB710B7--
> > > > >
> > > >
> > > > --
> > > > Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
> > > > Member, MIT Student Information Processing Board (SIPB)
> > > > URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
> > > > warlord@MIT.EDU PGP key available
> > > >
> >
> > --
> > Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
> > Member, MIT Student Information Processing Board (SIPB)
> > URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
> > warlord@MIT.EDU PGP key available
> >
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
warlord@MIT.EDU PGP key available
