[OpenAFS-devel] OPenAFS and OpenSSH-3.8
Douglas E. Engert
deengert@anl.gov
Sun, 29 Feb 2004 19:56:57 -0600
Derrick J Brashear wrote:
>
> On Thu, 26 Feb 2004, Douglas E. Engert wrote:
>
> > OpenAFS could then distribute the dynamic library, that would
> > get a PAG and fork/exec some program like aklog, or afslog to
> > actually get the token.
>
> Where "dynamic" equals "shared"?
Not really. I was trying to convince the OpenSSH people to in effect
add a hook to the code, so the sshd could be run on a system with
or without OpenAFS, by using a dynamically loaded lib. If it was
not present, the sshd would continue.
So far the OpenSSH people have not been convinced.
If it was a shared lib, I believe it would mean sshd would fail
if the lib was not present.
> Does libafsrpc.so/libafsauthent.so not have what you need?
I don't think so. I was looking for two functions for the
hook. Set the PAG, from the process loading and calling the hook,
and get a token. The token could be obtained using something like
aklog, or afslog, or even gssklog. (Note that the gssklog could
use any GSSAPI, including non Kerberos based gssapi, like the
Globus GSI.)
> _______________________________________________
> OpenAFS-devel mailing list
> OpenAFS-devel@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-devel
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444