On 16 Mar 2010, at 13:01, Rainer Toebbicke wrote: > In 1.4.11, under Linux >= 2.6.18, the setpag() routine allocates a new > session keyring and afs pag with the KEY_ALLOC_IN_QUOTA flag.
I think Marc has partially addressed this with a3812f211a56c0d6e0a7ff8a97f157707d3d8c28 - this missed the 1.4.12 merges, but should go into 1.4.13. As the review comments on that change note, we still need to think further about session keyrings. The issue with a session keyring is that it's correct to create it with the user's quota - providing that setpag() is called as the user who's eventually going to use it. The problem is that some PAM modules run setpag() as root, and so use up root's quota, rather than that of the end user. > Besides the problematic debugging (this fails silently when over key-quota) This is RT 126230, and is fixed by 0caf14224a9153bb488be9e52d67892a2c441a5a (again, this was committed after 1.4.12 was cut) S. _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
