Am Freitag 17 Dezember 2010, um 15:29:41 schrieb John Tang Boyland:
> Does anyone know of a "sudo" like command for AFS admin commands?
Errh, what about sudo?
You could create a special kerberos principal with a random key ("scripts"),
which is stored in a keytab ("/etc/scripts.keytab"). Also make it an afs user
and put it into system:administrators.
Put the following commands at the beginning of your script:
export KRB5CCNAME=/tmp/krb5cc_scripts
kinit -k -t /etc/scripts.keytab scripts
aklog
and these ones at the end:
unlog
kdestroy
The rest is configuring sudo properly so that only selected users can execute
the script.
HTH...
Dirk
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
