[OpenAFS] MacOSX with reliable AFS homedirs?
Ben Staffin
staffin@uiuc.edu
Thu, 3 Feb 2005 22:35:44 -0600
* Troy Benjegerdes <hozer@hozed.org> [2005-02-03 22:31] wibbled:
> On Thu, Feb 03, 2005 at 09:48:04PM -0600, Ben Staffin wrote:
> > * Troy Benjegerdes <hozer@hozed.org> [2005-02-03 20:29] wibbled:
> > > On Thu, Feb 03, 2005 at 08:22:44PM -0600, Tracy Di Marco White wrote:
> > > >
> > > > In message <20050204021548.GT9768@kalmia.hozed.org>, Troy Benjegerdes writes:
> > > > >Has anyone gotten Krb5, ldap, and AFS homedirs working reliably?
> > > >
> > > > Have you looked at the ISU OS X documentation?
> > > > http://tech.ait.iastate.edu/macosx/
> > > >
> > > > I'm just using krb5 & AFS, no LDAP, but mine is mostly a single user
> > > > machine.
> > >
> > > Do you have an afs homedir, and how do you get tokens when you log in?
> >
> > We use Nicholas Riley's aklog plugin to get tokens on login
> > (http://www.acm.uiuc.edu/admin/afs/aklog-1.0.dmg). It creates a
> > /usr/local/bin/aklog, and a /Library/Kerberos Plug-Ins/aklog.loginLogout
> > bundle. I'm not sure how other sites handle this.
> >
>
> That looks like the same kfm_aklog bundle. How do you debug this when it
> doesn't work?
>
> Do you have to reboot or something to get kfm_aklog to work? I would
> expect a reasonable unix system to not require a reboot for something
> like that.
>
> Also, does this (or anything else) work with ssh logins?
Where did you acquire the other kfm_aklog bundle? If ours is obsoleted,
perhaps we should use that one.
I am not sure if this requires a reboot. I wouldn't expect it to, but
it wouldn't really surprise me if it did, either. As with many things
on OSX, I'm sure it doesn't literally require a reboot, but it may be
easiest to just do that rather than tracking down exactly what needs to
be kicked.
I assume you are able to get forwardable Kerberos tickets upon login?
--
/--
| Ben Staffin
perpetual nerd |
--/