On Tuesday, January 25, 2005 20:17:59 -0500 Kyle Moffett <[EMAIL PROTECTED]> wrote:
Ok, so the requirements are:
1) Shared between multiple processes with sane inheritance
2) Store a pointer to arbitrary arch-independent data structures
3) A unique globally-useable ID to locate a particular combination
of credentials, connection data, caches, etc.
Correct.
As I see it, the keyring system can very simply be dropped in place of the existing setgroups hooks. You can implement your own key_type data structure (struct key_type afs_pag_key_type;) that contains a pointer to an arch-independent AFS structure containing connections, caches, etc. Then instead of a "PAG" id, you would use a "key" id, except you would need to check if the key is of afs_pag_key_type first.
By "key id", you mean the key's serial number? Are these ever reused?
one thing the keyring system _doesn't_ provide is a list of processes that have a certain keyring, primarily because that slows the system down considerably and chews up a lot more RAM. :-D
We don't have that either, for similar reasons.
-- Jeffrey T. Hutzelman (N3NHS) <[EMAIL PROTECTED]> Sr. Research Systems Programmer School of Computer Science - Research Computing Facility Carnegie Mellon University - Pittsburgh, PA
_______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
