[OpenAFS] "automatic" aklog?

Adam Megacz megacz@cs.berkeley.edu
Mon, 02 Jan 2006 22:14:30 -0800

One other aspect of my goal is to effectively have aklog become
"automatic".  That is, if a user's krb5 credentials cache has changed
in any way since the last time s/he accessed a particular cell, the
cache manager would ask afsd to run aklog (or perform equivalent
action) on behalf of that user.

Is there a reason -- other than "nobody's had time to implement it" --
that this is not already the case?

I'm leaving out a bit here since there's no such thing as a "kerberos
PAG" (only tokens get bound to PAGs, not tickets), but this is the
general idea.  I can see a couple of ways of handling PAGs.

  - a

PGP/GPG: 5C9F F366 C9CF 2145 E770  B1B8 EFB1 462D A146 C380