(Illustration by Gaich Muramatsu)
On Tue, 10 Feb 1998, Peter J. Braam wrote: > > > On Mon, 9 Feb 1998, Steven N. Hirsch wrote: > > auth2 server? I'll read the docs and find out how to do this. I guess I > > assumed that if I wasn't authorized, I wouldn't be able to read/write Coda > > at all! > > No, a volume is always created with all rights for anyone in the ACL. The > system administrator corrects this when mounting. So a standard volume > for braam, mounted on /coda/usr/braam would get > > cfs setacl /coda/usr/braam braam all System:AnyUser rl > > New directories inherit the acl from the parent. > > There are a number of problems with unauthenticated operation of Coda > (which we will look at, but they are not on our urgent list) having to do > with the fact that re-integration requires tokens. If your bandwidth fell > briefly, you could have a problem, unless you have tokens. > Ok, I spent the better part of an hour today fighting with setup of the authentication database. Everything works as advertised (save for a few typos in the manual - more below), but no matter what I try it refuses to authenticate me.. Let me outline the steps: Log into the SCM machine as root. Ensure that it has venus running and can properly see the server volume. /vice/db/passwd.coda: 600<TAB>mypassword<TAB>hirsch /vice/db/user.coda: hirsch::600::Steven N. Hirsch:: /vice/db/group.coda: System:Administrators<TAB>-204<TAB>hirsch Note: There is no documentation on the group file format and, in particular, the numbering scheme. Change directory to /vice/db and follow the steps in Sec. 7.7.1 of the documentation. At this point, still logged in as root, I attempt to run: au -h <my_scm> nu I enter "hirsch" as my vice id, then my password. Authentication fails with: RPC2_bind -> RPC2_notauthenticated (F) Next, I log into another client as "hirsch" and try again. It still fails with the same message. >From the logs: 19:53:01 In PWGetKeys() 19:53:01 vid = -1 19:53:01 Authentication failed for "hirsch" from 50.244.168.192 20:11:56 In PWGetKeys() 20:11:56 vid = 600 20:11:56 Authentication failed for "hirsch" from 57.244.168.192 ********************************************************************* Errata: Sec. 7.7.1 groups.coda is actually group.coda (singular) as installed by rpm Sec. 11.1.1 groups.coda --> group.coda pwd2pdb is shown with a '-p' flag. This wants to be '-u'. Sec. 11.1.2 Step 3 is a bit confusing. Why is 'mvdb' necessary if one has just created the files in the target directory? ******************************************************************* Hopefully, I'm just being dense and overlooking a step. Advice appreciated.. SteveReceived on 1998-02-10 20:22:23