On Sun, Apr 01, 2007 at 09:12:44AM -0400, Justin S. Leitgeb wrote: > Hi, > > I just happened to notice the following error when I type the "groups" > command on deleuze: > > [EMAIL PROTECTED]:~$ groups > jsl_admin bind_config id: cannot find name for group ID 1107251924 > 1107251924 > > Unfortunately I still don't understand enough about the authentication > setup to troubleshoot further, I just wanted to toss this out to the > group in case anyone else has an idea.
OpenAFS adds support for PAGs - Process Authentication Groups. In essence, if you do not create a PAG and you kinit/aklog, the tickets will be valid for any process running under your account ID. But if you do have a PAG, then tickets/tokens will work only for processes that are also members of the PAG group. (Usually the sub-processes of your top level shell). SSH automatically creates the PAG when you log in, and that PAG is visible as one or two Group IDs which don't have any name (since they're not real groups)... you can see that if you type 'id'. The 'groups' command obviously wants to find the name of those groups, which don't exist in the real sense of the word, and gives those errors. Adam Megacz already did some patches to nss-ptdb, it would be super cool if maybe he could write a patch for this too.. Say, Group ID 1107251940 (some random pag), could translate to group name PAG_1107251940 . Cya, -doc _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
