[939] in arla-drinkers
Re: forwarding tokens to other machines
daemon@ATHENA.MIT.EDU (Johan Ihren)
Wed Jun 30 12:51:27 1999
From owner-arla-drinkers@stacken.kth.se Wed Jun 30 16:51:26 1999
Return-Path: <owner-arla-drinkers@stacken.kth.se>
Delivered-To: arla-drinkers-mtg@bloom-picayune.mit.edu
Received: (qmail 13817 invoked from network); 30 Jun 1999 16:51:25 -0000
Received: from unknown (HELO sundance.stacken.kth.se) (130.237.234.41)
by bloom-picayune.mit.edu with SMTP; 30 Jun 1999 16:51:25 -0000
Received: (from majordom@localhost)
by sundance.stacken.kth.se (8.8.8/8.8.8) id SAA03996
for arla-drinkers-list; Wed, 30 Jun 1999 18:45:05 +0200 (MET DST)
Received: from wanda.pdc.kth.se (wanda.pdc.kth.se [130.237.221.56])
by sundance.stacken.kth.se (8.8.8/8.8.8) with ESMTP id SAA03992
for <arla-drinkers@stacken.kth.se>; Wed, 30 Jun 1999 18:45:01 +0200 (MET DST)
Received: by wanda.pdc.kth.se (Postfix, from userid 1211)
id C7B2070FE; Wed, 30 Jun 1999 18:45:00 +0200 (CEST)
From: Johan Ihren <johani@pdc.kth.se>
To: Herbert.Huber@lrz-muenchen.de
Cc: arla-drinkers@stacken.kth.se
In-reply-to: <377A444A.27D39A72@lrz-muenchen.de> (message from Herbert Huber
on Wed, 30 Jun 1999 16:22:35 +0000)
Subject: Re: forwarding tokens to other machines
X-Emacs: 19.34
Mime-Version: 1.0 (generated by SEMI MIME-Edit 0.77)
Content-Type: text/plain; charset=ISO-8859-1
Message-Id: <19990630164500.C7B2070FE@wanda.pdc.kth.se>
Date: Wed, 30 Jun 1999 18:45:00 +0200 (CEST)
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by sundance.stacken.kth.se id SAA03992
Sender: owner-arla-drinkers@stacken.kth.se
Precedence: bulk
>>>>> "Herbert" == Herbert Huber <Herbert.Huber@lrz-muenchen.de> writes:
Hi,
Herbert> Has anybody a small program which reads AFS token from
Herbert> stdin, writes AFS token into token cache and works under
Herbert> arla? I need this program to forward an AFS token which a
Herbert> user has on my interactive machines to the machine where
Herbert> his batch job will run. We are using SuSE Linux 6.0,
At PDC we use the "-h" feature of kauth (from KTH Kerberos) for
exactly this purpose (distributing tokens to a bunch of compute nodes
in a cluster). IIRC, "-h" came into being to solve that particular
problem.
The downside is that you have to submit your password to kauth, but
the upside is that since the scheduler/batch system knows when the job
will run it is possible to ensure that the tokens will last long
enough.
A further upside is that by using a different TGT that is independent
of the TGT/token associated with the interactive session it doesn't
matter that well-behaved users destroy all tickets and tokens upon
logout.
Herbert> kernel 2.2.3 together with CODINE 4.2 on our Linux batch
Herbert> cluster and the AFS support of CODINE relies on the
Herbert> official AFS client from IBM (Transarc) ans doesn´t work
Herbert> with arla. However on the other side it turned out that
Herbert> the AFS kernel module cannot be loaded on my SMP machines
Regards,
Johan Ihrén, <johani@pdc.kth.se>,
phone: +46 (8) 790 6844, Center for Parallel Computers,
Royal Institute of Technology, SE-100 44 Stockholm, Sweden