[OpenAFS] home on afs woes
Fri, 13 Jan 2006 17:08:17 -0500
On Friday, January 13, 2006 11:00:14 AM -0800 Russ Allbery
> Sergio Gelato <Sergio.Gelato@astro.su.se> writes:
>> I also like it that Heimdal's pagsh (kpagsh, in Debian) will generate a
>> new KRB5CCNAME, so that a subsequent kinit will not clobber the Kerberos
>> ccache of the parent process. OpenAFS's pagsh shouldn't (and doesn't) do
>> that since OpenAFS tries to be agnostic about where the tokens come from
>> (it doesn't have to be Kerberos 5).
> Yeah, OpenAFS has a pagsh.krb that does this for the K4 KRBTKFILE, but
> like most of the rest of the K4-only stuff, it's not installed in the
> Debian packages.
It does that because the *.krb utilities also maintain kerberos ticket
files; for example, klog.krb will leave you with a TGT that you can use for
Those tools are deprecated, and IMHO a pagsh.krb5 would be inappropriate,
unless we plan on shipping a complete suite of tools that manage krb5
tickets, as we did for krb4.