[928] in arla-drinkers

home help back first fref pref prev next nref lref last post

Re: User level permissions

daemon@ATHENA.MIT.EDU (Assar Westerlund)
Mon Jun 28 22:51:00 1999

From owner-arla-drinkers@stacken.kth.se Tue Jun 29 02:50:59 1999
Return-Path: <owner-arla-drinkers@stacken.kth.se>
Delivered-To: arla-drinkers-mtg@bloom-picayune.mit.edu
Received: (qmail 19655 invoked from network); 29 Jun 1999 02:50:58 -0000
Received: from unknown (HELO sundance.stacken.kth.se) (130.237.234.41)
  by bloom-picayune.mit.edu with SMTP; 29 Jun 1999 02:50:57 -0000
Received: (from majordom@localhost)
	by sundance.stacken.kth.se (8.8.8/8.8.8) id EAA11049
	for arla-drinkers-list; Tue, 29 Jun 1999 04:45:20 +0200 (MET DST)
Received: from assaris.sics.se (assaris.sics.se [193.10.66.108])
	by sundance.stacken.kth.se (8.8.8/8.8.8) with ESMTP id EAA11043
	for <arla-drinkers@stacken.kth.se>; Tue, 29 Jun 1999 04:45:15 +0200 (MET DST)
Received: (from assar@localhost) by assaris.sics.se (8.9.3/8.7.3) id EAA44278; Tue, 29 Jun 1999 04:44:57 +0200 (CEST)
From: Assar Westerlund <assar@stacken.kth.se>
To: Tim Yardley <yardley@ncsa.uiuc.edu>
Cc: arla-drinkers@stacken.kth.se
Subject: Re: User level permissions
References: <Pine.SOL.3.95.990628120510.19995B-100000@pecos.ncsa.uiuc.edu>
Mime-Version: 1.0 (generated by tm-edit 7.68)
Content-Type: text/plain; charset=ISO-8859-1
Date: 29 Jun 1999 04:44:56 +0200
In-Reply-To: Tim Yardley's message of "Mon, 28 Jun 1999 12:12:50 -0500 (CDT)"
Message-ID: <5lemivn2s7.fsf@assaris.sics.se>
Lines: 29
X-Mailer: Gnus v5.5/Emacs 19.34
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by sundance.stacken.kth.se id EAA11043
Sender: owner-arla-drinkers@stacken.kth.se
Precedence: bulk

Tim Yardley <yardley@ncsa.uiuc.edu> writes:
> Yeah, well... NCSA is in somewhat of a sticky situation.  We have our own
> series of patches to kerberos (Ken Hornstein works closely with us).  We
> also have a screwy configuration for our afs cell/kerberos cell.
> Basically, they are not the same name.  Our kerberos realm is ncsa.edu and
> our afs cell is ncsa.uiuc.edu.  Needless to say, this causes problems...
> including the inability to authenticate out of the box with the krb4-0.9.9
> stuff.

With the trick that Johan Ihrén posted here I think everything should
just work.

> Needless to say, my site mainly runs transarc clients... however, we are
> looking at other alternatives such as arla for OS's that are not
> supported by transarc/ibm.  Needless to say, a necessity is
> authentication... so it would be nice if we could get it working.  I
> imagine I could hack together a "working" klog... but I would also have to
> do an aklog (for automation reasons).  Grr.. more work. :/

As you have seen around here, we'll probably add the kauth-wrapper
script for klog if it's command-line compatability that you're
interested it.  As regards to your configuration not working as is
with stock krb4-0.9.9, talk to me and Johan offline if that's still
the case and we'll sort it out.

/assar

home help back first fref pref prev next nref lref last post