Derrick Brashear wrote:
On Tue, Apr 13, 2010 at 4:59 PM, Jacob Ela <e...@cs.wisc.edu> wrote:
Greetings All,
I've been looking for some information on this because someone else has
probably run into a similar issue, but I haven't found much that is recent or
pointed towards solving the problem - though I've found some old email that
suggests where this originates from...
I've got a Mac Mini lab running OSX 10.6.2 and OpenAFS 1.4.11 (but also have
seen this on a MacBook running 10.6.3 and 1.5.73.3). User's home directories
live in AFS, and users get Kerberos/AFS credentials at login.
I'm seeing on the Macs that all the unix file permissions on files in AFS are
shown as 666, and from the old emails I've found I'm just guessing that this is
to make AFS ACL's play nicely with the Finder (or rather the other way around).
This has the unfortunate side effect that my users can't use SSH on the Macs,
as the reported permissions on their ~/.ssh/config file suggest it is group and
world writable. This causes SSH to error out when a user attempts to connect
to another computer because of insecure config file permissions. Trying to
chmod the file from a Mac doesn't change the unix permissions as they are
reported to the Mac, though Linux hosts can see these new permissions.
Has anyone run into something like this? Is there a way to change the
permissions AFS reports to OSX, or is there a work around I'm failing to see?
Check out the RealModes setting. Edit
/var/db/openafs/etc/config/settings.plist, and rerun
/var/db/openafs/etc/config/afssettings as root.
Is this documented somewhere?
Jason
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
