[OpenAFS] OpenAFS on Mac OSX 10.12 Sierra - Menu tool fix

[Benjamin Kaduk]

On Sat, Jan 14, 2017 at 07:27:08PM -0500, Richard Brittain wrote:
> I'm using the Sine Nomine build of OpenAFS for Mac 10.12 and found a fix I 
> needed to make the menu bar padlock tool work.
> 
> Since 10.12 locks down /usr/bin with the new security policies, the 
> installer puts the tools in /opt/openafs/, but the PreferencePane and menu 
> bar tool don't seem to have that in $PATH, even though it is for 
> interactive shells.  So, the padlock tool can't find aklog and tokens. 
> The padlock tool explicitly has /usr/local/bin in the search path for the 
> AFS tools though, so my fix is to just symlink aklog and tokens into 
> /usr/local/bin, and it all seems to work.  This just requires regular root 
> and is permitted by the System Integrity Protection.
> 
> It would be cleaner to get /opt/openafs into the default path for the 
> padlock tool, but I'm not a Mac developer.
> 
> I never found this issue with 10.11, even though it also has System 
> Integrity Protection.

I believe that https://gerrit.openafs.org/#/c/12507/ (which has been merged
to master but not yet the 1.6.x branch) is intended to address this issue.
It is expected to appear in the next 1.6.x release.

Thank you for the report!

-Ben