[AFS3-std] Re: rxgk-afs tokens for ptservers, etc.
Brandon Allbery
ballbery@sinenomine.net
Thu, 14 Feb 2013 14:52:28 +0000
afs3-fs-UUID@REALM ?=0A=
=0A=
--=0A=
brandon s allbery kf8nh sine nomine associate=
s=0A=
allbery.b@gmail.com ballbery@sinenomine.ne=
t=0A=
unix, openafs, kerberos, infrastructure, xmonad http://sinenomine.ne=
t=0A=
=0A=
________________________________________=0A=
From: afs3-standardization-admin@openafs.org [afs3-standardization-admin@op=
enafs.org] on behalf of Simon Wilkinson [simon@sxw.org.uk]=0A=
Sent: Thursday, February 14, 2013 03:49=0A=
To: Benjamin Kaduk=0A=
Cc: Andrew Deason; afs3-standardization@openafs.org=0A=
Subject: Re: [AFS3-std] Re: rxgk-afs tokens for ptservers, etc.=0A=
=0A=
The possibilities here seem to be requiring the identity<->UUID mapping to =
be part of the server configuration (which would permit any form of identit=
y to be used), using a leap of faith where the first identity used to regis=
ter a UUID is the only one which can then make changes to that UUID, or usi=
ng an identity which contains the server's UUID. For the latter, using afs3=
-fileserver@UUID is tempting, but means that we lose any domain-to-realm ma=
gic that may be required.=0A=