[OpenAFS-port-darwin] Re: Example of the "correct" way to get tokens for Finder on login...
Ernest Prabhakar
prabhaka@apple.com
Wed, 8 Mar 2006 13:36:38 -0800
Hi Everette,
I asked around, and the best way to do this is probably to use some
sort of hook into loginwindow. The simplest way may be to use PAM on
Mac OS X. Unfortunately, I'm not sure where the documentation for
that would be. Here's one possible resource:
http://weblog.bignerdranch.com/?p=6
You might try to find someone who understands PAM., to see if they
can help. We'll try to take a look, but I can't say for sure when.
Best,
-- Ernie P.
On Mar 7, 2006, at 11:06 AM, Everette Allen wrote:
> Ok so looks like the windows folks are using Windows Login Scripts
> as the OpenAFS blessed way of getting tokens on login. So my
> question is what is the OpenAFS blessed way of doing this on MacOS
> X and can someone post an example that is working for them? The
> equiv. to windows is of course the login hook set with sudo
> defaults write /var/root/Library/Preferences/com.apple.loginwindow
> LoginHook "/private/etc/hooks/login.hook"
> except I could not get that mechanism to work with aklog
> Then I follow the suggestion of using system (not user)
> LaunchAgents from launchd and had some success there(see attached
> plist) but found that if a user does unlog then logs out (10.4.4 at
> least) they do not get new tokens on the next login unless a
> different person has logged in or a reboot has happened. Not good
> either.
> So what is the "blessed" reliable mechanism? I need to use afs
> folders as home with 10.4.x on ppc and i386.
> ----
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN"
> "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
> <plist version="1.0">
> <dict>
> <key>Label</key>
> <string>edu.ncstate.aklog</string>
> <key>ProgramArguments</key>
> <array>
> <string>/usr/bin/aklog</string>
> <string>-c</string>
> <string>unity.ncsu.edu</string>
> <string>-c</string>
> <string>eos.ncsu.edu</string>
> <string>-c</string>
> <string>bp.ncsu.edu</string>
> </array>
> <key>RunAtLoad</key>
> <true/>
> <key>ServiceDescription</key>
> <string>gets afs tokens for cells at ncstate</string>
> </dict>
> </plist>
>
>
> ----
> --
> Everette Gray Allen Systems Programmer II
> ITD Computing Services Macintosh Support Specialist
> 2620 Hillsborough St, Campus Box 7109
> Raleigh, NC 27695-7109 AIM: EveretteAlln
> 919-515-4558 Everette_Allen@ncsu.edu