[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bug in kinit and afslog
On Aug 1, 2007, at 12:56 , Alf Wachsmann wrote:
> when I obtain an AFS token from my account (alfw; UID 5828) for an
> with a different Unix UID (vanilla; UID 1820), the resulting AFS
> token has
> the wrong UID stored in it (my own instead of vanilla's) even
> though the credential in that token belongs to the other account.
This is expected behavior. OpenAFS's aklog does a round-trip with
the AFS ptserver to find the correct PTS id; this isn't necessary to
create a token, and heimdal avoids dependencies on AFS libraries
(even to the extent of providing its own absolutely minimal AFS
syscall wrapper), so it cheats and assumes the current uid is correct.
brandon s. allbery [solaris,freebsd,perl,pugs,haskell] firstname.lastname@example.org
system administrator [openafs,heimdal,too many hats] email@example.com
electrical and computer engineering, carnegie mellon university KF8NH