On Wednesday, November 15, 2006 12:21:53 PM -0800 Russ Allbery
<[EMAIL PROTECTED]> wrote:
Ryan Underwood <[EMAIL PROTECTED]> writes:
On Fri, Nov 10, 2006 at 03:43:11PM -0600, Ryan Underwood wrote:
What Linux kernel and what OpenAFS version are necessary for the
keyring pag support? I am using 2.6.16 and OpenAFS 1.4.2 and pags are
still not being preserved across fork.
Interesting. It appears that an authenticated shell can fork and exec
another process and that process has tokens, but an authenticated shell
that forks and execs another shell results in a child shell with no
tokens. What would cause that?
I have no idea with keyrings, but if groups were being used, that sounds
exactly like the symptoms of not being able to interrupt the setgroups
system call. Shells often call initgroups when they're started, which
will drop the PAG groups unless the setgroups system call is successfully
intercepted.
Um, setgroups is privileged; ordinary shells don't get to call it.
Unless your uid is 0, or whatever passes for that on your system.
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
