[OpenAFS] Puzzler: lack of access to AFS files

Russ Allbery rra@stanford.edu
Tue, 11 Dec 2007 16:18:28 -0800

John Hascall <john@iastate.edu> writes:

> I'm sure I must be doing something embarrassingly stupid here,
> but I just can't figure out why this script is not able to
> access the files in AFS that it should be able to.


> Default principal: sysadmin/asw.iastate.edu@IASTATE.EDU

There's a hard-coded table of principals for which the Kerberos v5 support
in rxkad will do realm conversion in src/rxkad/ticket5.c, and sysadmin
isn't one of them.  I don't completely follow the code here, but I think
that sysadmin/asw.iastate.edu may not be converted to sysadmin.asw because
sysadmin isn't listed on that list.  It feels like there should be a
default fallback to doing that, but I'm not seeing it.

Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>