[OpenAFS] Solaris 10 11/06 afs 1.4.2 pam module panic.

Dale Ghent daleg@umbc.edu
Tue, 19 Dec 2006 09:04:07 -0500

Marcus Watts wrote:

> It seems a "struct cred", sorry, in solaris terms, a "cred_t", is regarded
> as a private structure of private internals.  afs doesn't know about this,
> and accesses the insides straight.  So if those insides actually had changed,
> bad things could happen.  Maybe.

Indeed, and I think this is our culprit.

With Solaris 10 11/06 (aka update 3), Solaris Trusted Extensions were 
introduced, and this added a new member (cr_label) to the cred_t struct.

I'm guessing that we're stomping around inside cred_t when storing the 
PAG there (right?) and the new member is throwing everything off.



Dale Ghent
UNIX Systems Specialist
UMBC - Office of Information Technology
ECS 201 - x51705