[915] in arla-drinkers
Re: User level permissions
daemon@ATHENA.MIT.EDU (Tim Yardley)
Mon Jun 28 13:19:00 1999
From owner-arla-drinkers@stacken.kth.se Mon Jun 28 17:18:59 1999
Return-Path: <owner-arla-drinkers@stacken.kth.se>
Delivered-To: arla-drinkers-mtg@bloom-picayune.mit.edu
Received: (qmail 14535 invoked from network); 28 Jun 1999 17:18:59 -0000
Received: from unknown (HELO sundance.stacken.kth.se) (130.237.234.41)
by bloom-picayune.mit.edu with SMTP; 28 Jun 1999 17:18:59 -0000
Received: (from majordom@localhost)
by sundance.stacken.kth.se (8.8.8/8.8.8) id TAA00756
for arla-drinkers-list; Mon, 28 Jun 1999 19:12:59 +0200 (MET DST)
Received: from ex1.ncsa.uiuc.edu (ex1.ncsa.uiuc.edu [141.142.2.9])
by sundance.stacken.kth.se (8.8.8/8.8.8) with ESMTP id TAA00748;
Mon, 28 Jun 1999 19:12:53 +0200 (MET DST)
Received: from mx1.ncsa.uiuc.edu (mx1.ncsa.uiuc.edu [141.142.2.8])
by ex1.ncsa.uiuc.edu (8.9.3/8.9.3) with ESMTP id MAA18127;
Mon, 28 Jun 1999 12:12:51 -0500 (CDT)
Received: from pecos.ncsa.uiuc.edu (pecos.ncsa.uiuc.edu [141.142.4.6])
by mx1.ncsa.uiuc.edu (8.9.3/8.9.3) with SMTP id MAA17774;
Mon, 28 Jun 1999 12:12:51 -0500 (CDT)
Date: Mon, 28 Jun 1999 12:12:50 -0500 (CDT)
From: Tim Yardley <yardley@ncsa.uiuc.edu>
To: Assar Westerlund <assar@stacken.kth.se>
cc: arla-drinkers@stacken.kth.se
Subject: Re: User level permissions
In-Reply-To: <5ld7yjn8rq.fsf@assaris.sics.se>
Message-ID: <Pine.SOL.3.95.990628120510.19995B-100000@pecos.ncsa.uiuc.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-md5sum: 1b09d4b3b183d0e78c9627ba6b0f925e
X-md5sum-Origin: mx1.ncsa.uiuc.edu
Sender: owner-arla-drinkers@stacken.kth.se
Precedence: bulk
: Yes, or it wasn't announced that much. Most of that code was released
: before Arla. Mostly any Kerberos distribution with support for AFS
: should work with Arla.
Yeah, well... NCSA is in somewhat of a sticky situation. We have our own
series of patches to kerberos (Ken Hornstein works closely with us). We
also have a screwy configuration for our afs cell/kerberos cell.
Basically, they are not the same name. Our kerberos realm is ncsa.edu and
our afs cell is ncsa.uiuc.edu. Needless to say, this causes problems...
including the inability to authenticate out of the box with the krb4-0.9.9
stuff.
Needless to say, my site mainly runs transarc clients... however, we are
looking at other alternatives such as arla for OS's that are not
supported by transarc/ibm. Needless to say, a necessity is
authentication... so it would be nice if we could get it working. I
imagine I could hack together a "working" klog... but I would also have to
do an aklog (for automation reasons). Grr.. more work. :/
Anyway, if our configuration wasn't the way it was.. it would be so much
easier. *gleems at the people that set it up* Oh well.. I will deal.
Sorry about the venting...
/tmy
-- Diving into infinity my consciousness expands in inverse
proportion to my distance from singularity
