[OpenAFS] pags, kernel 2.6.16 and 1.4.1

Andrej Filipcic andrej.filipcic@ijs.si
Thu, 20 Apr 2006 17:39:21 +0200


I have noticed there is an unwanted afs behavior with kernel 2.6.16 and 
openafs 1.4.1. If I enter pagsh and obtain a token and after that I do su to 
the same or another user (uid), there is no token any more. It seems like 
seteuid or similar call enters a new pag.

I have been running several services (like apache) with tokens to allow 
reading part of afs space. Since apache startup script is run as root and it 
does setuid to apache user, the tokens are lost.

Does anybody know how to avoid that? Is that 2.6.16 specific (new 
feature/protection) or openafs 1.4.1 specific?


   doc. dr. Andrej Filipcic,   E-mail: Andrej.Filipcic@ijs.si
   Department of Experimental High Energy Physics - F9
   Jozef Stefan Institute, Jamova 39, P.o.Box 3000
   SI-1001 Ljubljana, Slovenia
   Tel.: +386-1-477-3674    Fax: +386-1-477-3166