[OpenAFS] Re: refuse to grant tokens to a process without a PAG?
Derrick J Brashear
Mon, 19 Mar 2007 22:18:20 -0400 (EDT)
On Mon, 19 Mar 2007, Adam Megacz wrote:
> If I were to add support for this, where would be the best place to
> put the configuration option (afsd command line flag, perhaps)?
yet another afsd flag? ick.
the generic pioctl (which takes a parameter and a value) and a parameter
for this, is the "right" thing to do, and then if you want to set it, set
it after running afsd
of course, there are other things which should work this way.
>>> This is the default behavior when aklog is invoked outside of a PAG --
>>> any tokens get associated with all processes under that userid which
>>> do not have a PAG. I'm wondering if there is a way to simply refuse
>>> to offer tokens in this case -- force the user to get into a PAG
>>> before letting them get tokens.