According to Michael Niksch:
> > The kas command does not accept the password on stdin, this reduces
> > the options for administrative scripts.
>
> I have read this various times. Strangely enough, we are using stuff
> like
>
> print -- "$adminpassword\n$password\n$password" |
> kas create -name "$userid" -admin "$admin"
>
> successfully in many ksh scripts.
You're right, this can indeed work in AFS 3.4, *BUT* it does not
work always.
Here's what I remember and what I found out after checking back with the
AFS sources. Using ksh or perl for scripting does not make a difference.
I first tried to pipe passwords into kas using AFS 3.3a on an AIX
machine, the error was simply
kas:examine: can't read password from terminal reading password
Using AFS 3.4 piping works IF AND ONLY IF the process has a
controlling terminal. It will not work for cron jobs and processes
that lost their /dev/tty. (It does not even seem to work with
backgrounded processes.)
An explanation for this behaviour can be found in the source file
kauth/read_passwd.c in the function read_pw_string () where the
programmers try to ensure that there is terminal:
int read_pw_string (char *s, int max, char *prompt, int verify)
{
...
#ifdef BSDUNIX
...
if (ioctl(0,TIOCGETP,&tty_state) == -1) return -1;
...
#else
#if defined(AFS_AIX_ENV) || defined(AFS_SGI_ENV)
if ((fi = fopen("/dev/tty", "r+")) == NULL) return (-1);
...
#endif
#endif
...
}
The function goes on print the prompt string and finally reads the
password from stdin, as it turns out. That's why piping works with AFS
3.4. I suspect that earlier versions up to 3.3a really read the
password from the tty.
Summary:
1. The AFS 3.4 kas command on AIX, SGI and BSDUNIX machines allows you
to supply the password on stdin e.g. in a pipe but only if there is a
controlling terminal.
2. The AFS 3.3 kas command (at least) on AIX and Ultrix always read the
password from the tty.
3. Piping may have worked all the time on other machine types.
Btw, expect scripts work because they actually provide a valid /dev/tty
for the programs they spawn.
+gg
--
[EMAIL PROTECTED] Fax: +43/1/31336/702 [EMAIL PROTECTED]
Zentrum fuer Informatikdienste, Wirtschaftsuniversitaet Wien, Austria
