[OpenAFS-devel] klog without ka
Marcus Watts
mdw@umich.edu
Thu, 19 Oct 2006 05:29:46 -0400
I have a little something I was working on just as I got
sick with something I brought home from an otherwise wonderful
SF convention.
/afs/umich.edu/group/itd/build/mdw/tmp/openafs-x-klog.diff
(
Should apply to 1.5.8. Actually should apply to any version;
this just creates 2 new source files. You'll need to insert
stuff into src/aklog/Makefile.in to build it.
something perhaps a bit like:
klog: klog.o skipwrap.o ${AFSLIBS}
${CC} -o $@ ${CFLAGS} klog.o skipwrap.o ${LIBS} ${AFSLIBS} \
${TOP_LIBDIR}/libcmd.a \
${KRB5LIBS} $(LIBCOM_ERR) ${XLIBS}
)
This is a version of klog that does nearly everything the old version
of klog did, except it uses kerberos 5 straight instead of using ka
(and rx and kerberos 4). It should even handle pxexpired principals.
Obviously you can just do this with "kinit+aklog" -- or even clever
perl scripts -- but I wasn't really looking forward to training my
fingers to do something different. I also like the idea of being able
to selectively renew AFS credentials without disturbing my existing
kerberos credentials.
I (obviously) plan to make this part of rxk5 - so there's
a bit of rxk5 stuff in the above diff -- mostly options
that don't do anything (yet). This version only handles rxkad
tokens. The skipwrap.c stuff is scary. I wrote it one night in
a fit of madness. Its only real value is it works for heimdal, mit,
or mit with only the public api exported.
-Marcus