[OpenAFS-devel] OPenAFS and OpenSSH-3.8
Derrick J Brashear
shadow@dementia.org
Sun, 29 Feb 2004 21:05:29 -0500 (EST)
On Sun, 29 Feb 2004, Douglas E. Engert wrote:
> Not really. I was trying to convince the OpenSSH people to in effect
> add a hook to the code, so the sshd could be run on a system with
> or without OpenAFS, by using a dynamically loaded lib. If it was
> not present, the sshd would continue.
>
> So far the OpenSSH people have not been convinced.
>
> If it was a shared lib, I believe it would mean sshd would fail
> if the lib was not present.
why, you can dlopen a shlib and dlsym the symbols you want
> > Does libafsrpc.so/libafsauthent.so not have what you need?
>
> I don't think so. I was looking for two functions for the
> hook. Set the PAG, from the process loading and calling the hook,
> and get a token. The token could be obtained using something like
> aklog, or afslog, or even gssklog. (Note that the gssklog could
> use any GSSAPI, including non Kerberos based gssapi, like the
> Globus GSI.)
well, so, you want libkafs/libkrbafs, and strictly speaking them don't
need to come from openafs.
ken hornstein is supposed to be integrating aklog into the openafs source
base, so after he does maybe we can also include libk{,rb}afs.