[AFS3-std] Extended authentication names for bos

Alf Wachsmann alfw@slac.stanford.edu
Fri, 10 Dec 2010 09:42:56 -0800 (PST)

On Tue, 7 Dec 2010, Simon Wilkinson wrote:
> I've just uploaded draft-wilkinson-afs3-bos-identities-00 to the I-D 
> archive. This document builds upon Derrick's authentication name work to 
> describe an additional set of RX remote procedure calls which may be 
> used to managed extended authenticated names within bos's SuperUser 
> list.
> Getting this done is part of the rxgk work I'm doing for YFS - as we 
> need a way of letting rxgk users become bos super users.
> Comments gratefully appreciated - you can download the draft at 
> http://www.ietf.org/id/draft-wilkinson-afs3-bos-identities-00.txt

Hi Simon,

I just looked this over and found that "2.  Error codes" mentions
BZPERM as "existing ... error code[s]" but I can't find it in the
OpenAFS sources.

All functions described in the subsections of "3.  RPC Interface" say:
"If the user doesn't have sufficient permission, then BZACCESS is returned."
which seems to be what is used in the current OpenAFS sources.

Did you mean BZACCESS instead of BZPERM in section 2?


   Alf Wachsmann                       | e-mail: alfw@slac.stanford.edu
   SLAC - Scientific Computing         | Phone:  +1-650-926-4802
   2575 Sand Hill Road, M/S 97         | FAX:    +1-650-926-3329
   Menlo Park, CA 94025, USA           | Office: Bldg. 50/323
                 http://www.slac.stanford.edu/~alfw (PGP)