[Fwd: Arla 0.20 and linux 2.2-pre9, misc problems, probably n ot kernel specific]
Derek Atkins
warlord at mit.edu
Mon Jan 25 19:22:00 CET 1999
I think you misunderstand -- it doesn't run 'setpag()' -- it runs an
internal routine that sets the PAG in the grouplist from the actual
PAG information... Basically, it grabs the PAG, runs setgroups, and
then resets the PAG.
-derek
"Neulinger, Nathan R." <nneul at umr.edu> writes:
>
> Thanks Derek. This at least points me in a direction that I can look at.
>
> If nothing else, it's a relatively easy hack to have ksu setpag() and aklog
> after switching id's.
>
> -- Nathan
>
> ------------------------------------------------------------
> Nathan Neulinger EMail: nneul at umr.edu
> University of Missouri - Rolla Phone: (573) 341-4841
> Computing Services Fax: (573) 341-4216
>
> > -----Original Message-----
> > From: Derek Atkins [mailto:warlord at MIT.EDU]
> > Sent: Monday, January 25, 1999 10:17 AM
> > To: "Neulinger"@MIT.EDU
> > Cc: Nathan R." <Nathan.R."; 'arla-drinkers at stacken.kth.se'
> > Subject: Re: [Fwd: Arla 0.20 and linux 2.2-pre9, misc
> > problems, probably
> > n ot kernel specific]
> >
> >
> > Unfortunately I used Transarc's standard replacement for initgroups,
> > so no, I cannot release it. Sorry. Actually, its a replacement for
> > the setgroups system call, not initgroups... Basically it sets the
> > groups and then checks to see if a setpag had already been done in
> > which case it re-adds the Pag to the grouplist.
> >
> > -derek
> >
> > "Neulinger, Nathan R." <nneul at umr.edu> writes:
> >
> > >
> > > > -----Original Message-----
> > > > From: Derek Atkins [mailto:warlord at MIT.EDU]
> > > > Sent: Monday, January 25, 1999 9:13 AM
> > > > To: Nathan Neulinger
> > > > Cc: kenh at cmf.nrl.navy.mil
> > > > Subject: Re: [Fwd: Arla 0.20 and linux 2.2-pre9, misc
> > > > problems, probably
> > > > not kernel specific]
> > > >
> > > >
> > > > Linux-AFS replaces the 'initgroups' system call, does
> > Arla does the
> > > > same? I don't know how the Linux-2.2 version of AFS (which is
> > > > Transarc 3.5) will behave. I doubt it is a kernel change.
> > >
> > > I figured it did something like that.
> > >
> > > I verified that a simple initgroups() test fails on 2.2 and
> > works on 2.0.35
> > > (well, behaves the way I want anyway).
> > >
> > > Is your replacement for initgroups() something you can
> > release, given that
> > > it was not intrinsic to transarc's code? Arla already
> > preloads getcwd.so,
> > > should be easy enough to add another one to do initgroups().
> > >
> > > > Check Arla on 2.0.35 and see if it works there.
> > > >
> > > > -derek
> > > >
> > > > Nathan Neulinger <nneul at umr.edu> writes:
> > > >
> > > > >
> > > > > This is a multi-part message in MIME format.
> > > > > --------------9E78052BF545843A7AB710B7
> > > > > Content-Type: text/plain; charset=us-ascii
> > > > > Content-Transfer-Encoding: 7bit
> > > > >
> > > > > Hey guys.
> > > > >
> > > > > I just sent this to the arla list. Got any suggestions on
> > > > how to clean
> > > > > this up in krb5 (or elsewhere) in some way that is not
> > just a really
> > > > > ugly hack?
> > > > >
> > > > > This will no doubt affect use with transarc's client as well.
> > > > >
> > > > > How is this handled on other architectures? Or is
> > initgroups() just
> > > > > broken everywhere?
> > > > >
> > > > > -- Nathan
> > > > >
> > > > > ------------------------------------------------------------
> > > > > Nathan Neulinger EMail: nneul at umr.edu
> > > > > University of Missouri - Rolla Phone: (573) 341-4841
> > > > > Computing Services Fax: (573) 341-4216
> > > > > --------------9E78052BF545843A7AB710B7
> > > > > Content-Type: message/rfc822
> > > > > Content-Transfer-Encoding: 7bit
> > > > > Content-Disposition: inline
> > > > >
> > > > > Received: from umr.edu (hermes.cc.umr.edu [131.151.1.68])
> > > > by umr-mail01.cc.umr.edu with SMTP (Microsoft Exchange
> > > > Internet Mail Service Version 5.5.2232.9)
> > > > > id DQ2R7SPM; Sun, 24 Jan 1999 15:23:56 -0600
> > > > > Received: from sundance.stacken.kth.se
> > > > (sundance.stacken.kth.se [130.237.234.41]) via ESMTP by
> > > > hermes.cc.umr.edu (8.8.7/R.4.20) id PAA28277; Sun, 24 Jan
> > > > 1999 15:23:43 -0600 (CST)
> > > > > Received: (from majordom at localhost)
> > > > > by sundance.stacken.kth.se (8.8.8/8.8.8) id WAA12481
> > > > > for arla-drinkers-list; Sun, 24 Jan 1999
> > 22:12:25 +0100 (MET)
> > > > > Received: from umr.edu (hermes.cc.umr.edu [131.151.1.68])
> > > > > by sundance.stacken.kth.se (8.8.8/8.8.8) with
> > ESMTP id WAA12477;
> > > > > Sun, 24 Jan 1999 22:12:20 +0100 (MET)
> > > > > Received: from umr-mail01.cc.umr.edu (umr-mail01.cc.umr.edu
> > > > [131.151.37.121]) via ESMTP by hermes.cc.umr.edu
> > > > (8.8.7/R.4.20) id PAA24905; Sun, 24 Jan 1999 15:12:18 -0600 (CST)
> > > > > Received: by umr-mail01.cc.umr.edu with Internet Mail
> > > > Service (5.5.2232.9)
> > > > > id <DQ2R7S3Q>; Sun, 24 Jan 1999 15:12:27 -0600
> > > > > Message-ID:
> > > > <9DA8D24B915BD1118911006094516EAF019C7E77 at umr-mail02.cc.umr.edu>
> > > > > From: "Neulinger, Nathan R." <nneul at umr.edu>
> > > > > To: "'Magnus Ahltorp'" <map at stacken.kth.se>
> > > > > Cc: arla-drinkers at stacken.kth.se
> > > > > Subject: RE: Arla 0.20 and linux 2.2-pre9, misc problems,
> > > > probably not ker
> > > > > nel specific
> > > > > Date: Sun, 24 Jan 1999 15:12:17 -0600
> > > > > MIME-Version: 1.0
> > > > > X-Mailer: Internet Mail Service (5.5.2232.9)
> > > > > Content-Type: text/plain;
> > > > > charset="ISO-8859-1"
> > > > > Sender: owner-arla-drinkers at stacken.kth.se
> > > > > Precedence: bulk
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Magnus Ahltorp [mailto:map at stacken.kth.se]
> > > > > > Sent: Sunday, January 24, 1999 2:58 PM
> > > > > > To: Neulinger, Nathan R.
> > > > > > Cc: arla-drinkers at stacken.kth.se
> > > > > > Subject: Re: Arla 0.20 and linux 2.2-pre9, misc problems,
> > > > probably not
> > > > > > kernel specific
> > > > > >
> > > > > >
> > > > > > > It seems to be working ok for me.
> > > > > >
> > > > > > Great.
> > > > > >
> > > > > > > I do notice one problem. It appears that Arla treats PAG's
> > > > > > differently than
> > > > > > > transarc's AFS. If I do an su to root while logged in, with
> > > > > > a token, I no
> > > > > > > longer have the token, or the pag, in the su'd session:
> > > > > >
> > > > > > That is because your su throws away the secondary groups:
> > > > > >
> > > > > > > infinity(49)>id
> > > > > > > uid=5879(nneul) gid=5000(afsuser)
> > > > groups=33536,32512,5000(afsuser)
> > > > > > > infinity(50)>su -
> > > > > > > Password:
> > > > > > > [root at infinity /root]# id
> > > > > > > uid=0(root) gid=0(root)
> > > > > > >
> > groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
> > > > > >
> > > > > > Here, the 33536,32512 has been thrown away, and
> > therefore you are
> > > > > > assumed to be in the default PAG.
> > > > >
> > > > > Right, but it didn't do that before. It's possible that it
> > > > is a change in
> > > > > the kernel from
> > > > > 2.0.35 to 2.2.
> > > > >
> > > > > I have another machine running 2.0.35 with transarc's code,
> > > > and the same
> > > > > su/ksu. Both perform correctly on that machine.
> > > > >
> > > > > >
> > > > > > > Yes, I am using a mixture of transarc excutables and AFS,
> > > > > > but only to
> > > > > > > demonstrate the problem. Might be good if arla included a
> > > > > > tokens executable.
> > > > > > > Probably is easy enough to write, in fact, I believe I have
> > > > > > the code lying
> > > > > > > around somewhere to do it.
> > > > > >
> > > > > > If you use the kth-krb kerberos distribution, your klist
> > > > is able to do
> > > > > > this (klist -T).
> > > > >
> > > > > Nope, running krb5 with hornstein's patches.
> > > > >
> > > > > -- Nathan
> > > > >
> > > > > --------------9E78052BF545843A7AB710B7--
> > > > >
> > > >
> > > > --
> > > > Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
> > > > Member, MIT Student Information Processing Board (SIPB)
> > > > URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
> > > > warlord at MIT.EDU PGP key available
> > > >
> >
> > --
> > Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
> > Member, MIT Student Information Processing Board (SIPB)
> > URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
> > warlord at MIT.EDU PGP key available
> >
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL N1NWH
warlord at MIT.EDU PGP key available
More information about the Arla-drinkers
mailing list