[note: after I finished writing all this, I came up with what I think
is a simple solution. I'll post that in the next email; you
might want to just skip to that one]

I'm going to post a brief explanation here of what hooks are required
for AFS authentication, in the hopes that somebody who understands
exim better than I can figure out where they ought to go in the exim
configuration.

How AFS authentication works:

AFS manages the token-to-process mapping using a really nice concept
called a PAG. Think of a PAG as a third number associated with every
process (in addition to uid and gid). Every process inherits the PAG
of its parent process. You can fork a child with a "fresh" PAG (i.e. a
newly allocated PAG) by using "pagsh" -- note that this does not
change the PAG of the calling process, the same way that "su" does not
change the uid of the calling process. Any tokens acquired by a
process are bound to its PAG, and therefore available to any other
process with the same PAG.

There's also one corner case: when the machine boots, the root
process (init) has no PAG at all. Any of its children which are not
"pagsh" will also have no PAG at all. If tokens are acquired in a
process which has no PAG, those tokens are associated with all
processes under the same USERID which do not have PAGs. It's
probably worth reading that last sentence twice.

How Exim delivery works:

Exim (among many other things) listens to port 25. When it decides
that it is time to deliver some message locally, it spawns a
subprocess "exim -Mc" to handle that job -- this way a delivery script
that runs for a long time doesn't block other deliveries. That child
setuid()s itself to the hcoop user's uid, invokes any mail filtering
scripts, deposits the email in the Maildir, and then dies.

Mwolson has set up a great hook for causing the forked "exim -Mc" to
acquire tokens.

Unfortunately, we need one more thing -- we need to make sure that the
forked "exim -Mc" processes each get their own PAG. It's not clear to
me that this can be done without editing exim's source code, which is
a fairly unattractive option.

Any ideas on how to deal with this?

[note: see next email for possible temporary solution]

- a
--
PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380
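
Added example, not part of the original email and not AFS or Exim code: a small Python model of the PAG rules described above, showing why "exim -Mc" children that share the daemon's (absent) PAG also share tokens by uid, and how a fresh PAG per delivery isolates them. The uid 1001, the token name and the PAG numbers are constructed for illustration.

```python
import itertools
from dataclasses import dataclass
from typing import Optional

_next_pag = itertools.count(1)   # constructed PAG numbers, not real AFS values
_tokens = {}                     # model credential store: key -> set of tokens

@dataclass
class Proc:
    name: str
    uid: int
    pag: Optional[int] = None    # None models init and its non-pagsh children

    def _key(self):
        # Tokens bind to the PAG; with no PAG they fall into a per-uid bucket.
        return ("pag", self.pag) if self.pag is not None else ("uid", self.uid)

    def fork(self, name, fresh_pag=False):
        # A child inherits the parent's PAG unless started pagsh-style.
        pag = next(_next_pag) if fresh_pag else self.pag
        return Proc(name, self.uid, pag)

    def setuid(self, uid):
        self.uid = uid           # changing uid never changes the PAG
        return self

    def acquire(self, token):
        _tokens.setdefault(self._key(), set()).add(token)

    def visible(self):
        return set(_tokens.get(self._key(), set()))

def simulate(fresh_pag):
    """Run two deliveries for uid 1001; only the first acquires a token."""
    _tokens.clear()
    init = Proc("init", uid=0)                 # boots with no PAG
    daemon = init.fork("exim")                 # listener, still no PAG
    d1 = daemon.fork("exim -Mc #1", fresh_pag).setuid(1001)
    d2 = daemon.fork("exim -Mc #2", fresh_pag).setuid(1001)
    other = init.fork("unrelated job").setuid(1001)   # no PAG, same uid
    d1.acquire("afs-token")
    return {"d1": d1.visible(), "d2": d2.visible(), "other": other.visible()}

if __name__ == "__main__":
    for fresh in (False, True):
        print("fresh PAG per delivery:", fresh, simulate(fresh))
```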