[OpenAFS] Authentication without aklog

[David Howells]

chas williams - CONTRACTOR <chas@cmf.nrl.navy.mil> wrote:

> Not impossible for Linux.  I believe that the Linux keyring code
> allows for down calls from the kernel to user space in order to ask
> something to insert the appropriate keys (see keys-request-key.txt in
> the Linux kernel).

Yes.  request_key() will call out to userspace to instantiate a key it doesn't
have yet, passing the caller's keyrings over so that the TGT can be retrieved.

David