For those of us that have adm installed, it ought to be simple to
have an executable which can run privileged commands, since we
can authenticate as adm.admin without having exposed passwords.
To try this out, I wrote a program which does this:
struct afsconf_dir *dir;
struct afsconf_keys keys;
struct ktc_token token;
setpag();
dir = afsconf_Open("/usr/afs/admsrv");
if (!dir) {
In this case an error has occurred, whose handling is immaterial.
}
afsconf_GetKeys(dir, &keys);
afsconf_Close(dir);
Now all of this seems to work. For example, at this point
keys.key[keys.nkeys - 1].key appears to contain the latest key
for adm.admin. But when I try to use that key to get a token, it
doesn't seem to work. For example,
ka_GetAdminToken("adm", "admin", "mcc.ac.gb",
&keys.key[keys.nkeys - 1].key, 90000, &token, 1);
does not get a token, and does return the value 180490, which I
presume to be an error message. Can anyone explain this?
Incidentally, it is not clear to me what the difference is between
an admin token and an authentication token.
-- Owen
[EMAIL PROTECTED]
