[OpenAFS-devel] aklog on MacOS X was Re: Service Ticket Questions
Ragnar Sundblad
ragge@nada.kth.se
Fri, 31 Mar 2006 00:43:25 +0200
On Wed, 22 Mar 2006 09:34:39 -0500, Jeffrey Altman <jaltman@secure-
endpoints.com> wrote:
...
> Today in order to minimize the interactions with end users, we desire
> the ability to utilize single sign-on and automatic credential
renewal
> via the Kerberos Login Library plug-in. (Unfortunately, this is not
> working quite right on Tiger.)
...
Oh, what is it with the KLL API that doesn't work on tiger?
I am working on updating my old afslog.loginLogout that is based on the
MIT krbafs lib (<http://web.mit.edu/openafs/krbafs/>), which in turn is
based on heimdal's kafs lib anno ~2000-2001 broken out in a portable way
(portable meaning that it works with both MIT-krb and Heimdal and
OpenAFS and Arla on most platforms).
I think I have managed to update the krbafs lib to match ~heimdal
0.7.2++
kafs, and the loginLogout works for getting tokens when ran from the
command
line with kinit.
It doesn't work when I use it from LoginWindow though, it crashes
LoginWindow
(actually it crashes authorizationhost, but LoginWindow exits) so I
get to
the getty login. The funny thing is that even if I comment out
the call to the kerberos stuff, meaning that the plugin is just a big
noop,
it still crashes. This is how far I have gotten on this until this
afternoon.
Is this what you meant above?
If so, I should file a bug to apple instead of trying to understand what
I am doing wrong.
/ragge