Thanks to all for writing.
Pag and token are mostly needed at login. Could all be done under PAM.
If there is no PAM given, the user must do it in his Shell startup profile.
The use of pagsh there is tricky (but possible) , but a working aklog
-setpag
makes that easy and straightforward. (One could kinit in the profile or
scp a ticket from your home
computer to /tmp/ beforehand using key login, /tmp/ is writable then.)
The dokumentation says the -setpag flag might not work everywhere.
Under 1.8.x, thats true for my environment, alas; does the code change help
somewhere else?
So i will use my working 1.6.20+ aklog further.
To avoid a full compilation of a 1.6.20+ version just for the aklog, a
much more
simple approach is to use gssklog -setpag from D.E.Engert @anl (great!),
the source is still available at
http://www.hep.manchester.ac.uk/u/masj/gssklog/
Best regards,
Rainer Laatsch
---------------------------------------------------------
On 10/18/18 17:00, Benjamin Kaduk wrote:
In particular, the kernel functionality to modify the groups/keyring
contents/etc. of the parent process has not been present for a long time.
So the kernel version is arguably more relevant than the OpenAFS version.
-Ben
On Thu, Oct 18, 2018 at 06:43:25AM -0400, Malato, Andy wrote:
The -setpag has long been deprecated and should no longer be used. You
should be using pagsh instead.
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
