On Thu, 31 Jul 2014 20:41:08 +0000 Brandon Allbery <ballb...@sinenomine.net> wrote:
> I think this also kills off PAGs pretty effectively, unless the > equivalent of rpc.gssd has some privileged access to all PAGs and a > way to map a given access to its PAG. This certainly would have information about PAGs, since it goes through the kernel module. But anyways, I think the idea that this makes PAGs useless is only really at all true for the first option I mentioned (global rpc.gssd-like behavior). And even then, pags still seem like they can be used to a limited degree, but maybe not as usefully. As in, the rpc.gssd-like behavior can be a fallback, but you can still explicitly set tokens; so different pags could still have different credentials in them. And like you mentioned, some people don't care about PAGs, so even if this makes PAGs useless, that's not necessarily a problem. -- Andrew Deason adea...@sinenomine.net _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info