Please clarify "for AFS if it survives long enough"....
tedc -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sam Hartman Sent: Tuesday, January 27, 2004 4:27 AM To: Jeffrey Hutzelman Cc: Henry B. Hotz; Douglas E. Engert; [EMAIL PROTECTED] Subject: Re: [OpenAFS-devel] Re: OpenSSH, OpenAFS, Heimdal Kerberos and MIT Kerberos >>>>> "Jeffrey" == Jeffrey Hutzelman <[EMAIL PROTECTED]> writes: Jeffrey> On Monday, January 26, 2004 11:23:34 -0800 "Henry Jeffrey> B. Hotz" Jeffrey> <[EMAIL PROTECTED]> wrote: >> Isn't the reason this keeps coming up that AFS client doesn't >> (can't?) behave like a normal Kerberos application and just >> get it's own service ticket when it needs one (based on an >> existing tgt)? The real reason this doesn't happen is that >> tickets are stored in a file in /tmp, but it's a different set >> of file system code inside the kernel that would need to access >> it to request the service ticket. Jeffrey> No; it's not that simple. Making the cache manager Jeffrey> access ticket files would require first gaining a Jeffrey> Kerberos dependency that we don't already have, and then Jeffrey> importing lots of code into the kernel, much of which Jeffrey> depends on network and filesystem interfaces that simply Jeffrey> don't exist in kernel mode. Or taking the Kerberos dependency and having a up call into userspace for credential management. I don't dispute that doing so is a lot of work, but discarding what seems like a necessary step for AFS if it survives long enough when discussing solutions seems poor. _______________________________________________ OpenAFS-devel mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-devel _______________________________________________ OpenAFS-devel mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-devel
