AFS support
Thomas J. Moore
thomoore at iupui.edu
Mon Jan 23 19:43:54 GMT 2006
On 01/23/2006 01:52 PM, Volker Lendecke wrote:
>On Mon, Jan 23, 2006 at 10:19:08AM -0700, Steve Holstead wrote:
>
>
>>I don't think this is completely true. We use setpag() with our terminal
>>servers. However, they will only work if the MS hotfixes are applied. The
>>fixes turn off the userid multiplexing.
>>
>>http://support.microsoft.com/default.aspx?kbid=818528
>>
>>
>
>Yes, you can turn multiplexing off. I'm a bit afraid of activating that however
>because the protocol still allows multiple user ids over that socket, and we
>could not fulfil the corresponding requests properly. I'd be happy to do it
>with a parameter that defaults to no.
>
>
Sorry I brought it up -- I see now that it was already in the bugzilla
database (#1971 resolved/wontfix). I do think that adding a run-time
option is a good idea, but I don't think requiring users to patch their
systems and/or set an obscure registry entry is the best route. I was
going to suggest switching pags when switching user IDs, but the API to
do that is not exposed (although it might be possible using similar code
to afs_{set,get}pag_val, if the pag gc doesn't interfere). I suppose
making samba spawn a process for different users even when managing a
single connection would be too much to ask. A few things that might be
nice, though, would be to actually document the "afs token lifetime"
option in the smb.conf man page (bug #2151 was closed w/o docs), and if
the run-time setpag option is added, perhaps also explicitly unlog on
connection termination rather than rely on the gc or token lifetime
(unlog would obviously only work with setpag).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3456 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20060123/69199e7c/smime.bin
More information about the samba-technical
mailing list