Arla 0.20 and linux 2.2-pre9, misc problems, probably not kernel specific
Neulinger, Nathan R.
nneul at umr.edu
Sun Jan 24 22:12:25 CET 1999
> -----Original Message-----
> From: Magnus Ahltorp [mailto:map at stacken.kth.se]
> Sent: Sunday, January 24, 1999 2:58 PM
> To: Neulinger, Nathan R.
> Cc: arla-drinkers at stacken.kth.se
> Subject: Re: Arla 0.20 and linux 2.2-pre9, misc problems, probably not
> kernel specific
>
>
> > It seems to be working ok for me.
>
> Great.
>
> > I do notice one problem. It appears that Arla treats PAG's
> differently than
> > transarc's AFS. If I do an su to root while logged in, with
> a token, I no
> > longer have the token, or the pag, in the su'd session:
>
> That is because your su throws away the secondary groups:
>
> > infinity(49)>id
> > uid=5879(nneul) gid=5000(afsuser) groups=33536,32512,5000(afsuser)
> > infinity(50)>su -
> > Password:
> > [root at infinity /root]# id
> > uid=0(root) gid=0(root)
> > groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
>
> Here, the 33536,32512 has been thrown away, and therefore you are
> assumed to be in the default PAG.
Right, but it didn't do that before. It's possible that it is a change in
the kernel from
2.0.35 to 2.2.
I have another machine running 2.0.35 with transarc's code, and the same
su/ksu. Both perform correctly on that machine.
>
> > Yes, I am using a mixture of transarc excutables and AFS,
> but only to
> > demonstrate the problem. Might be good if arla included a
> tokens executable.
> > Probably is easy enough to write, in fact, I believe I have
> the code lying
> > around somewhere to do it.
>
> If you use the kth-krb kerberos distribution, your klist is able to do
> this (klist -T).
Nope, running krb5 with hornstein's patches.
-- Nathan
More information about the Arla-drinkers
mailing list