[OpenAFS] Problems giving a daemon process permanent access to AFS
Thu, 01 Feb 2007 21:17:53 +0100
I am running an unattended daemon process that needs access to the AFS
I have some scripts running from /etc/init.d/ under a specific user,
getting the kerberos credentials, getting the tokens and then running
the process. This works fine... until the tokens expire.
In this case, losing access to the files under /afs makes the process
abort. I tried to keep the process running, by using a cron-job under
the same user, that gets fresh credentials and tokens. Still, the
process aborts the moment the original tokens expire.
As far a I understand, the process should retain access to /afs, using
the new tokens, because tokens created by daemon processes are bound to
the user only. I assumed that processes started from init.d and
processes started from cron that run under the same user share the tokens.
Does anyone know why this doesn't work? Or is there a better way to do this?
I am using Debian 4.0, Kerberos5 1.4.4 and OpenAFS 1.4.2
Thanks in advance.