The handling of the "no PAG" corner case is a bit of a wart on AFS (IMHO). But I think we can actually take advantage of it to make exim work smoothly.
Michael, currently the get-token script runs *before* exim4 setuid()'s itself to a non-root user. Can we change that to execute *after* exim has done a setuid() to the delivery user's userid? I think that would make things work, although not as cleanly as I would like. Here's why it should work: since exim is spawned at boot time and is not invoked via pagsh, it has no PAG. So, provided we acquire tokens *after* switching to the user's userid, those tokens will belong to all non-PAGged processes with that userid on that machine. Here's why it is not as clean as I would like: my major concern at this point is that hcoop doesn't use runsv(8), so if some admin does an "/etc/init.d/exim4 restart" and that admin's bash has a PAG, exim will inherit the PAG. That could be bad. I don't know if there's a way to have a process eliminate its PAG (and thereby move to the "no PAG" case). - a -- PGP/GPG: 5C9F F366 C9CF 2145 E770 B1B8 EFB1 462D A146 C380 _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
