[OpenAFS] Kerberos 5, AFS, and no krb524d
Charles Clancy
security@xauth.net
Mon, 9 Jun 2003 22:20:02 -0500 (CDT)
On Fri, 6 Jun 2003, Douglas E. Engert wrote:
> Ken Hornstein wrote:
> >
> > >> aklog ends up being a real pain in the ass piece of software. It's tied
> > >> to both your Kerberos implementation _and_ your AFS implementation. Just
> > >> compiling it can be a challenge.
> > >
> > >Dare I say gssapi again?
> >
> > So, you need to link in your GSSAPI implementation, which requires you to
> > link in your Kerberos implementation ...
>
> This is currently shared libs, but could be a dynamic link too.
Config file + dlopen. You could even seperate the klog front end from the
back end, and then anything supporting that API (such as GSS, but that
seems to be a bad word lately) could use the same front end. Even pam_afs
could be modified to support it.
[ t. charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]