[OpenAFS-port-darwin] Re: port-darwin digest, Vol 1 #81 - 1 msg

Ragnar Sundblad ragge@nada.kth.se
Thu, 10 Jul 2003 20:58:37 +0200 

(This thread slipped of the mailing list somewhere.)

I did an attempt to collect what I think is the latest and
greatest of (most of) our different hacks for using Mac OS X
machines as any other unix afs client in our environment.

--On den 9 juli 2003 23:51 +0200 Ragnar Sundblad <ragge@nada.kth.se> wrote:

> I wouldn't really call it a series of tasks, and it doesn't do
> anything as root. The lock screen app only grabs the screen
> and keyboard and authenticates with ordinary kerberos
> calls. It runs until someone enters a password that makes the
> kerberos authentication happy. There is nothing special about
> it, more than the calls to grab the screen maybe.

(Maybe I should add that it is only the logged in user that
can unlock the screen.)

The source to this can now be found at:
<ftp://ftp.nada.kth.se/pub/home/ragge/mosx/lockscreen.030810.tgz>

> We get tokens with the afslog plugin which works exactly
> as Alexei's plugin,

This can now be found here:
<ftp://ftp.nada.kth.se/pub/home/ragge/mosx/afslog-krbafs12.0.0.1d1.src.tgz>
You also need to get the krbafs library from here:
<http://web.mit.edu/openafs/krbafs/>

> transfer the tickets from MIT cache to the
> heimdal cache with a program that runs as the user at login time,

<ftp://ftp.nada.kth.se/pub/home/ragge/mosx/copyccache.030810.tgz>

> and the ticket renewal thing is a cocoa app of its own, that the
> user see in the dock (and can quit if he/she wants to).

<ftp://ftp.nada.kth.se/pub/home/ragge/mosx/krbmonitor.030810.tgz>

Other stuff:
Utility to set rendezvous name and user friendly computer
name from the local hostname (which is set via dhcp):
<ftp://ftp.nada.kth.se/pub/home/ragge/mosx/scsethostname.030810.tgz>
We run this from a startup item (which is also in this tar ball).

Utilities to in a hopefully failsafe way create temp dirs
in /tmp and /var/tmp and create links in the user's home
directory to those (were initially made for the MSIE cache
problem):
<ftp://ftp.nada.kth.se/pub/home/ragge/mosx/mkfoo.030810.tgz>
We run this from the login hook (which is also in this tar ball).

We also have a small app that runs as a login item for all users
and in turn runs our "/etc/userlogin.sh".
I can't find the source for it right now, but it can be
reconstructed in under 1 minute in project builder by adding
 system("/bin/sh /etc/userlogin.sh");
to an empty project.
Our userlogin.sh can be found here:
<ftp://ftp.nada.kth.se/pub/home/ragge/mosx/userlogin.030810.sh>

Maybe someone finds some of it useful. We will try to
put them in a better place soon.

I now realized that this is a afs mailing list, why am I
giving you ftp urls? :-)
Of course you can find it under /afs/nada.kth.se/home/staff/ragge/out/mosx 
too.
Our Mac OS X distribution is under
/afs/nada.kth.se/ppc_macosx/10.2/
This is where our machines get their data and configuration.
We update the machines with themis (a package style tool
that originally came with the Arla afs client). You will sadly
not be able to read most if it though, since there are
copyrighted stuff in there.

/ragge