[OpenAFS] web access
Loren M. Lang
lorenl@north-winds.org
Fri, 12 Dec 2008 12:05:11 -0800
--=-ayISlKIXT2r/BSCZIIep
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
On Sun, 2008-12-07 at 00:27 +0100, M=C3=A5ns Nilsson wrote:
> --On l=C3=B6rdag, l=C3=B6rdag 6 dec 2008 19.44.06 +0100 Jesus arteche
> <chechu.linux@gmail.com> wrote:
>=20
> > hey,
> >=20
> > I'd ike to know if there is a possibility of access to my openAFS cell
> > via web. and if its possible where I can find the info about how to do.
>=20
> Start apache with suitable tickets and tokens. An often used method is to
> create a principal, extract it to a file and then:=20
>=20
> #!/bin/ksh
> #
> # Startup-script for apache-server with ticketfile.
> # $Id: apache-stacken.sh,v 1.3 2005/07/21 17:19:42 thn Exp $
> #
> ARGV=3D"$@"
> REALSCRIPT=3D"/usr/local/apache2/bin/apachectl"
>=20
> case $ARGV in
> start)
> /usr/heimdal/bin/pagsh $0 second-level
> ;;
> second-level)
> /usr/heimdal/bin/kauth -l 8d -t /my/principal/file websrvapache
> echo "Starting apache with kerberos-tickets:"
> /usr/heimdal/bin/klist -T
> $REALSCRIPT start
> ;;
Unless I am missing something, won't this require restarting Apache
every 8 days. A daemon like k5start usually needs to be running to
continually keep the ticket up-to-date.
--=20
Loren M. Lang
lorenl@north-winds.org
http://www.north-winds.org/
Public Key: ftp://ftp.north-winds.org/pub/lorenl_pubkey.asc
Fingerprint: 10A0 7AE2 DAF5 4780 888A 3FA4 DCEE BB39 7654 DE5B
--=-ayISlKIXT2r/BSCZIIep
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQBJQsP33O67OXZU3lsRAqBiAKCHOpdRFipkUfdCLUa3Ap2D00JxpgCg5yDm
y/QI4zJVcEaxYI4hJhP+9M8=
=RYXx
-----END PGP SIGNATURE-----
--=-ayISlKIXT2r/BSCZIIep--