Hi,
I'm running Solaris 2.5 with 3.4a sun4x_55 distribution and require to
associate AFS tokens with running daemon. I have programs to klog at
root to acquire the token and make 'root' uid with 'admin' token. However,
the token will disappear before the tokens should expire. I set the
admin's max lifetime to be 720 hours, it seems it will disappear after
1 or 2 days, or even several hours. Does anybody come across the problem?
How can it overcome? Does it help if I set the max. lifetime to be
smaller value and re-authenticate more frequent?
As the daemon will fork other process and setuid to user to run user's
program, it has security concern if I associate the tokens with PAG
instead of uid.
Thanks!
=======================================================================
Lai Yiu Fai | Tel.: (852) 2358-6202
Centre of Computing Services | Fax.: (852) 2358-0967
& Telecommunications | E-mail: [EMAIL PROTECTED]
|
The Hong Kong University of | Clear Water Bay,
Science & Technology | Kowloon, Hong Kong.
