[OpenAFS-devel] FC6 aklog -setpag doesn't set tokens

[Jeffrey Hutzelman]

On Monday, October 30, 2006 03:50:50 PM -0800 Miles Davis 
<miles@CS.Stanford.EDU> wrote:

>
> Using the openafs.org RPM, slightly modified (with fsync patch and
> linux/autoconf.h replacing linux/config.h), aklog -setpag seems to get
> a token, but...doesn't.

You haven't said what kernel and AFS versions you're using, but I'm going 
to bet they're pretty new, since you did say you're running FC6.  The 
-setpag switch uses an AFS system call which violates a basic UNIX design 
principle, by allowing the process that calls it (aklog) to modify the 
execution environment of its parent (your shell).  That mechanism has 
always been somewhat ugly, and it's likely that with kernels new enough to 
require keyring-based PAG tracking, it has never worked and never will. 
What's probably going on here is that aklog's PAG is being changed, but 
that of the parent shell is not, so your tokens are being dropped into the 
great abyss.

I'd suggest you stop using -setpag entirely.  Instead, consider using 
pagsh, which gives you a new shell with a new PAG, along the same lines as 
newgrp.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA