On Thu, Jul 23, 2009 at 07:06:01PM -0400, Josephine Palencia wrote: > Lustre kerberos does not look at $KRB5CCNAME. It assumes that your > kerberos ccache is /etc/krb5cc_N. This problem affects system which > uses kerberos toauthenticate logins. The system complains with a log > error saying that it cannot find a ccache and the user cannot > accessthe lustre filsystem (permission denied with df or any attempts > for IO).
Kernel code can't look at user-land environment variables. On a kernel with keyrings and recent MIT krb5 code the correct behavior should be that the system finds and uses the ccache named in the process' keyring for krb5. > The ideal solution is for lustre kerberos to have something similar to > "afslog" which will look at $KRB5CCNAME and put lustre credentials > somewhere where the system can find them. OpenAFS now does more or less what I mention above. I'm new to Lustre, but I'll take a look and see what's wron with what Lustre's doing. Nico -- _______________________________________________ Lustre-discuss mailing list [email protected] http://lists.lustre.org/mailman/listinfo/lustre-discuss
