"Mike Marques" <[EMAIL PROTECTED]> writes:
> "Jack Goldstein" <[EMAIL PROTECTED]> writes:
> > For the second (allowing users to do vos releases), I set up
> > a services account on our AFS server that allows users to rsh to it
> > without a password. The account shell is a special program that
> > will perform one of a small set of privileged services.
> How does this program gain the privileges to perform these actions?
> Something like the reauth daemon? Or something less or more involved?
On an AFS server, anyone who can read /usr/afs/etc/KeyFile can perform
"vos release <volume-name> -localauth".
Joe Jackson,
AFS Product Support,
Transarc Corp.
