On Fri, 8 Jun 2007, Adam Megacz wrote:
Derrick J Brashear <[EMAIL PROTECTED]> writes:
-localauth. (but aklog doesn't *require* ptserver; see afslog)
bosserver can't depend on ptserver..
you indicate above that "-localauth" should be used in situations
where bosserver must be used without any running ptservers?
That's bos. i said "bosserver can't depend on ptserver".
Ok, point taken. Still,
How does the bosserver decide you're eligible if there's no ptserver?
Okay, take 2: first, bosserver checks the request to see if it was
directly signed with the KeyFile (ie you invoked bos with -localauth).
Since it has the KeyFile, it should be able to do this without the
help of ptserver. If this is the case, it permits your request. If
not, it tries to contact ptserver. If it is unable to contact the
ptserver, it rejects your request.
Is your concern that in the all-ptservers-are-down case, this leaves a
thread/lwp on the bosserver waiting for a reply from the ptserver? I
guess I can appreciate that that is sort of inelegant, but aren't
there lots of places where stuff like this happens in the server code?
Sure. Why do we want to add more?
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
