Coda File System

Re: Automated clog in login scripts

From: Jason A. Pattie <pattieja_at_pcxperience.com>
Date: Tue, 24 Feb 2004 10:34:25 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jan Harkes wrote:
| On Mon, Feb 23, 2004 at 03:28:30PM -0600, Jason A. Pattie wrote:
|
|>What would it take to setup .login or .bash_login or .bashrc, etc. to
|>automatically detect that a user logging in has or does not have a token
|>and then prompt them for a token authentication (via clog)?  I'm
|
|
| You probably wouldn't want to do that in a .bashrc, because then even
| non-interactive shells would need to deal with passwords. One problem is
| that we really don't know which 'Coda realms' the user might be
| interested in having tokens for.
|
| I just added a change to CVS where ctokens will return success/failure
| if it is queried for the tokens of a specific realm, i.e.

Thank you!

|     ctokens @coda.cs.cmu.edu
|     echo $?
|
|     $? == 1  Not Authenticated / token expired
|     $? == 0  Valid token
|
| So you could use this as,
|
|     realm=myrealm.name
|     if ctokens @$realm > /dev/null 2>&1
|     then
| 	clog @$realm
|     fi
|
| I'm not sure what the appropriate exit code would be when listing the
| tokens for all known realms, so that always returns success. For now the
| the following would work pretty much the same way with the existing
| ctokens.
|
|     ctokens @realm 2>&1 | grep Expiration > /dev/null
|     if [ $? -ne 0 ] ; then clog @realm ; fi
|
|
|>them enter their passphrase to obtain a valid token.  I will also need
|>to know whether they are starting in disconnected mode or not to be able
|>to determine (based on hostname, I would assume) if I pull an
|>authentication token using '-fromfile' or automatically use '-tofile'.
|
|
| Hmm, that does complicate things a bit, because disconnection/connection
| is really on a per-volume basis, and as such we don't really know
| whether we are connected until we try to access the servers.
|
| Maybe add some kind of `(f)ping -c 5 servername` test?

What about 'cfs checkservers'? or similar?

- --
Jason A. Pattie
pattieja_at_xperienceinc.com
Xperience, Inc. (http://www.xperienceinc.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFAO30RuYsUrHkpYtARAhA7AJwKmG+Uq+YGdBPoRLOM9HNCtVbM6gCeKgHX
KBtePb7fw/gMIDvlVOwWl9k=
=OlNz
-----END PGP SIGNATURE-----


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.
Received on 2004-02-24 11:36:47