[OpenAFS-port-darwin] Kerberos 5 aklog KfM plugin

Nicholas Riley njriley@uiuc.edu
Mon, 21 Jul 2003 00:54:27 -0500


Hi,

I've merged together Alexei Kosut's aklog KfM plugin and the Kerberos
5 compatible aklog code from <http://web.mit.edu/openafs/>.  This lets
users with home directories in AFS log in and receive tokens
automatically.

The plugin source is here:

    <http://www.acm.uiuc.edu/admin/afs/kfm_aklog_krb5.tar.gz>

Use Project Builder or pbxbuild to build; to install, pbxbuild install
DSTROOT=/.  (This assumes you can sudo; type your password if
necessary.)

Unlike Alexei's plugin, this version does not unlog on logout.

One anomaly you may notice is that the plugin code runs twice on login
in two different SecurityAgent processes, failing the first time
because no Kerberos ticket exists.  These correspond to the two
mentions of 'krb5:' in /etc/authorization.  I wasn't able to find any
way to distinguish between the two executions, and since the problem
does not effect functionality, it should not be a major issue.  If
anyone knows how I can fix this, I'd be happy to do so.

-- 
=Nicholas Riley <njriley@uiuc.edu> | <http://www.uiuc.edu/ph/www/njriley>
        Pablo Research Group, Department of Computer Science and
  Medical Scholars Program, University of Illinois at Urbana-Champaign