PR_ListElements and PR - Permission Denied
John Callaghan
jpc at jpc.cl.msu.edu
Wed Nov 1 17:22:24 CET 2000
We use AFS for authentication and authorization on alot of our services. I'm
trying to duplicate the client side of our auth system using Arla. I'm
working on FreeBSD 4.1.1-STABLE (10/18/00) and using Arla 0.34.5 and Athena
1.0.2.
After cscope-ing klog and pts, I've got a working model established. The
problem arises when authorizing multiple users. The first user checks out
fine, but the second fails at PR_ListElements with "PR - Permission Denied"
(code 267269). Rechecking the first user, after the second fails, continues
to work.
Here's the basic steps the test code takes:
Init (k_hasafs, ports_init, rx_Init, cell_init)
Get realm and cell (krb_get_lrealm, cell_getthiscell)
while(1)
{
Get username and password
New ticket file (mkstemp, krb_set_tkt_string)
Store password, realm, ticket life (krb_get_pw_in_tkt)
Get connection (arlalib_first_db, arlalib_next_db)
{
Get uid (PR_NameToID)
Get membership (PR_ListElements)
}
Destroy ticket file (dest_tkt)
}
Any tips or directions to proceed would be greatly appreciated. Thanks.
--
John Callaghan
jpc at msu.edu
More information about the Arla-drinkers
mailing list