[OpenAFS] kopenafs.h and libkopenafs question on status

[mike coyne]

For some background , the version of globus we are using is from the VDT
distibution http://vdt.cs.wisc.edu/  , This a prepackaged globus 4.0.8
as patched by vdt from various sources.
http://vdt.cs.wisc.edu/software/globus/4.0.8_VDT-1.10.1/globus-patched-sour=
ce.tar.gz is the source from vdt.

My Initial problems with the gatekeeper was that using the external
shell service with globus_k5 ( i believe orignaly written to shell out
and get a kerberos token in from gram ), the call to gssklog -setpag
didn't work as the lsetpag function can't change its parent process at
least for linux. So i setout to add a call to lsetpag in globus_k5 prior
to execv 'ing the call to "gssklog" described in its private mapfile.

in had a similar problem in the globus-gridftp-server , int the
globus_i_gridftp_server.c i added some calls to save the current creds,
do a lsetpag, shell a call to gssklog , and the unlink the credintial
cache so a user could do a globus-url-copy to there home directory in
afs.=20

then for wsgram i added the lsetpag and shell to gssklog into the
globus_gridmap_and_execute .c source so that when web stuff fires off
sudo to switch and run as a user, calling globus_gridmap_and_execute
inline so it get their afs token in a new pag in the process and
verifies there creds in the gridmapfile.=20

I probably went about this the hard way but so far it seems to work.=20


On Fri, 2009-06-05 at 10:26 -0500, Douglas E. Engert wrote:
>=20
> Mike Coyne wrote:
> > I have been working on getting globus=E2=80=99s gatekeeper,grid-ftp,gsi=
-ssh etc.=20
> > To work correctly with setting pag=E2=80=99s an shelling gssklog.=20
>=20
> I have not been involved with Globus for years, but wrote gsiklog and the=
n
> gssklog and much of the Globus gatekeeper for Globus version 1.1.3. The i=
ntent
> was for the gatekeeper to call gssklog to get a PAG and token, and it sho=
uld
> have been working in that verison. So I am curious to what has happened s=
ince
> then that requires you have to redo the code.
>=20
> I noticed
> > verifying a bug fix=20
> > http://rt.central.org/rt/Ticket/Display.hml?id=3D124709   that when I=20
> > built a current snapshot with the diff that the kopenafs libs and heade=
r=20
> > file was bult and installed . Will this show up In the release or=20
> > =E2=80=9Cfeatures=E2=80=9D versions? It appears to be maintained since =
abut 2006 and=20
> > would be quit usefull it will be available .
> >=20
> >=20
> > To refraze  the question I have calling lsetpag() after some stats on=20
> > the /afs directory to see if its there.
>=20
> The original gssklog provided a version of lsetpag in gafstoken.c that
> trapped signals if the AFS syscall failed, i.e. AFS was not present on
> the machine. Thus it dod not need any AFS libraries. This was long before
> k_hasafs which might be a beter choice.
>=20
>   And hard linking In lilbsys.a
> >  but if the prefered  interface is  k_hasafs() and k_setpag() should I=20
> > switch.
> >=20
> > =20
> >=20
> > Thanks Mike
> >=20
> > =20
> >=20
>=20