I am making the code for my program, lat available with the
warning that it is NOT yet fully tested, and that it is a trial
system. Hopefully, with your feedback, we can make a practical
tool out of it that we can all use.
For a complete description of lat, please see the lat paper,
available via anonymous ftp from citi.umich.edu
path: /usr/ftp/public/techreports/PS.Z/citi-tr-93-1.ps.Z
of in afs:
/afs/umich.edu/group/itd/citi/public/techreports/PS.Z/citi-tr-93-1.ps.Z
Instructions for getting and using lat:
If you already use Kerberos version 4, jump to step 3.
You will need to be familiar with installing Kerberos
services (in the MIT documentation) in order to install
lat.
1. Get Kerberos Version 4
- ftp to athena-dist.mit.edu, and get the
kerberos README file for version 4.
Follow those instructions.
2. ftp to citi.umich.edu and cd to /lat
and get lat.tar.Z
3. replace the kerberos/src/appl/sample
directory with the files extracted from
lat.tar.Z
4. Build kerberos Version 4 according to the instructions
from MIT.
5. Edit /etc/services and add lat and latrun as root the
same way other services are added (according to MIT)
6. Also, make sure that latrund is running on the secure
machine running Kerberos (or your afs authentication server)
7. Read the man pages for useage of lat and the utilities
(lat.1, latd.8c, latutil.1)
Notes:
1. Use aklog to stuff kerberos tickets into the kernel as
AFS tokens.
2. I have not yet installed the automatic use of aklog into
lat. I will put out a newer version later, but it should be
simple if you want to experiment. A fork and exec when new
tickets are recieved by latrun should do it. I am putting
this out just to make my code available as soon as possible.
3. In my version, I changed kerberos ticket files to be
krbtkt4600 instead of tkt4600 in /tmp where 4600 is a uid
so as not to conflict with afs ticket files in our system.
Feel free to customize this change to your environment.
4. Please let me know if you begin using lat and if you have
any problems getting it running. I would like to know how many
people are using it, and what the experiences are with it.
Avi Rubin
