On Mon, Oct 21, 2002 at 12:24:59PM +0200, Ivan Popov wrote:
> What are the functions consisting the layer(s) of the access?

Access to the user and group database is through the 'pdb' (protection
database) layers. You probably don't even have to look at anything
outside of coda-src/al/.

al.h is the 'high-level' interface that is used by auth2 and codasrv.
I'm guessing that only a small subset of the available functions really
is used, the code might just be a bit overdesigned.

pdb.h is the 'low-level' interface, and is probably not all that useful
except if you want to add another 'simple key/value style' db.

> Which daemons do which operations?

Auth2 uses the pdb to map a username to a userid, with kerberos it
checks if the ticket is valid and then returns a Coda token containing
the session key and Coda userid.

Codasrv maps the userid in the incoming connection back to a username,
and does group membership tests for ACL's.

Jan