[762] in arla-drinkers
Re: What is needed to run Arla under FreeBSD 3.1?
daemon@ATHENA.MIT.EDU (Assar Westerlund)
Fri Apr 16 08:25:50 1999
From owner-arla-drinkers@stacken.kth.se Fri Apr 16 12:25:49 1999
Return-Path: <owner-arla-drinkers@stacken.kth.se>
Delivered-To: arla-drinkers-mtg@bloom-picayune.mit.edu
Received: (qmail 22569 invoked from network); 16 Apr 1999 12:25:48 -0000
Received: from unknown (HELO sundance.stacken.kth.se) (130.237.234.41)
by bloom-picayune.mit.edu with SMTP; 16 Apr 1999 12:25:48 -0000
Received: (from majordom@localhost)
by sundance.stacken.kth.se (8.8.8/8.8.8) id OAA11519
for arla-drinkers-list; Fri, 16 Apr 1999 14:17:11 +0200 (MET DST)
Received: from assaris.sics.se (assaris.sics.se [193.10.66.108])
by sundance.stacken.kth.se (8.8.8/8.8.8) with ESMTP id OAA11515
for <arla-drinkers@stacken.kth.se>; Fri, 16 Apr 1999 14:17:07 +0200 (MET DST)
Received: (from assar@localhost) by assaris.sics.se (8.9.1/8.7.3) id OAA68534; Fri, 16 Apr 1999 14:19:53 +0200 (CEST)
To: "Brandon S. Allbery KF8NH" <allbery@kf8nh.apk.net>
Cc: Randy Philipp <randy@umbc.edu>, arla-drinkers@stacken.kth.se,
heimdal-discuss@sics.se
Subject: Re: What is needed to run Arla under FreeBSD 3.1?
References: <199904161153.HAA18850@rushlight.kf8nh.apk.net>
Mime-Version: 1.0 (generated by tm-edit 7.68)
Content-Type: text/plain; charset=US-ASCII
From: Assar Westerlund <assar@sics.se>
Date: 16 Apr 1999 14:19:52 +0200
In-Reply-To: "Brandon S. Allbery KF8NH"'s message of "Fri, 16 Apr 1999 07:53:40 -0400"
Message-ID: <5l1zhkdafr.fsf@assaris.sics.se>
Lines: 22
X-Mailer: Gnus v5.5/Emacs 19.34
Sender: owner-arla-drinkers@stacken.kth.se
Precedence: bulk
[ I think we should move this discussion to heimdal-discuss ]
"Brandon S. Allbery KF8NH" <allbery@kf8nh.apk.net> writes:
> You have to build krb524d and krb524init with MIT Krb5. Note that krb524d is
> rather delicate (as of 1.0.5); it falls over whenever the KDC is locked for
> an update, so you pretty much have to run it from a shell script that
> respawns it automatically. Once you have this converted v4 ticket you can
> use aklog to stuff it into the kernel.
>
> The AFS-KRB5 patches make this semi-automatic based on entries in
> /etc/krb5.conf.
>
> That said, it's ugly. Then again, the equivalent "semi-automated" code
> doean't appear to have made it into heimdal yet...
Now I'm not sure exactly what `semi-automated' you're referring to
here. The kdc does the 524 conversion and there's code (in libkafs,
and called from kauth and afslog) for using that to acquire v4 tickets
and stuffing them into AFS/arla. I'm using that to get AFS tokens
talking to my heimdal KDC.
/assar
