Thanks to those who responded to my previous problem. It seems the
AFS rsh and rcp need to be SUID root. Ahem.
Now, by all means correct me if I am wrong, but isn't the whole
point of having a kerberized in.rlogind, in.rexecd, rsh, login, and rcp
that authentication will be passed along? Maybe not the WHOLE point,
but surely a large one.
The following scenario shows hosts manos and cn10, both of which have
the AFS-provided rlogind, login, ftpd, inetd, rexecd. The new AFS inetd
on cn10 has been started in place of the old HP one.
---------------------------------------------------------------------------
~ : manos 1:44pm > klog
Password:
~ : manos 1:44pm > tokens
Tokens held by the Cache Manager:
User's (AFS ID 30379) tokens for [EMAIL PROTECTED] [Expires Dec 1 15:10]
--End of list--
~ : manos 1:44pm > which rlogin
/usr/ucb/rlogin
~ : manos 1:44pm > rlogin cn10
AFS (R) 3.3 Login
~ : cn10 1:44pm > /usr/ciesin/afs/bin/tokens
Tokens held by the Cache Manager:
--End of list--
~ : cn10 1:44pm >
---------------------------------------------------------------------------
Am I missing something here? Am I mistaken as to my thoughts of what
the purpose of these AFS utilities is? Do others experience this same
thing? I've checked and re-checked to be sure the AFS versions of those
binaries are the ones which are running.
-------
Jeff Blaine
CIESIN Operations
