Coda File System

Re: modular clog + kerberos

From: root <coda_at_voidembraced.net>
Date: Thu, 21 Jan 2010 04:16:11 -0800
>> [root_at_sandbox3 ~]# ctokens  
>> 
>> Tokens [local user id: root]  
>> 
>> [root_at_sandbox3 ~]# clog -method kerberos5 coda_admin_user_at_coda.realm 
>> -tokenserver sandbox2.host.domain 370 -krealm KERBEROS.REALM -kdc 
>> sandbox2.host.domain -servprinc coda/coda.realm
>> Password for coda_admin_user/default_at_coda.realm:
>> [root_at_sandbox3 ~]# ctokens  
>> 
>> Tokens [local user id: root]  
>> 
>> [root_at_sandbox3 ~]# ls /coda/
> 
> That looks bad. You should see a token but there is nothing? 
> 
>> So, no errors on clog!  Progress! 
> 
> Not as much, unfortunately :) 
> 
>> why can't I see /coda/coda.realm? 
> 
> Normally you do not see a Coda realm until you supply its name to "ls",
> but clog is usually sufficient to make it appear. 
> 
> Can you manage to get tokens with coda password instead?
> I guess there is some other problem, possibly not Kerberos-related.

Found the following for setting the password for a new user:
http://www.coda.cs.cmu.edu/doc/ps/manual.ps.gz 

Apparently you create the user via pdbtool (already done).  Then set the 
password by issuing an "au" command (something you had also mentioned in an 
earlier correspondance). 

I have created users with pdbtool, so that is done.  However, I am unclear 
whether the following "au" dialog is asking for an admin user/pass or 
whether is is asking for the actual user/pass of the new user.  Either way, 
it doesn't work: 

[root_at_sandbox2 ~]# au -h sandbox2.host.domain nu
Your Vice name: newly_created_coda_user_at_coda.realm
Your password:[blank]
RPC2_Bind() --> RPC2_NOTAUTHENTICATED (F) 

[root_at_sandbox2 ~]# au -h sandbox2.host.domain nu
Your Vice name: newly_created_coda_user_at_coda.realm
Your password:[random_password]
RPC2_Bind() --> RPC2_NOTAUTHENTICATED (F) 

[root_at_sandbox2 ~]# au -h sandbox2.host.domain nu
Your Vice name: coda_admin
Your password:[blank]
RPC2_Bind() --> RPC2_NOTAUTHENTICATED (F) 

[root_at_sandbox2 ~]# au -h sandbox2.host.domain nu
Your Vice name: coda_admin_at_coda.realm
Your password:[blank]
RPC2_Bind() --> RPC2_NOTAUTHENTICATED (F) 

[root_at_sandbox2 ~]# au -h sandbox2.host.domain nu
Your Vice name: kerberos_admin_at_KERBEROS.REALM
Your password:[blank]
RPC2_Bind() --> RPC2_NOTAUTHENTICATED (F) 

Beyond not knowing the format of the user to type in and which user/pass 
(though I'm pretty sure it is asking for auth info for sufficient writes to 
update the coda password db), I do not know what the default coda password 
is for newly created accounts.  Similarly, I do not know the password for 
the default coda user "realmadmin" (created by install, but I don't recall 
setting a password?). 


>> Also, I'd like to clarify whether a "coda.realm" is what this page refers 
>> to as "Coda volume":  
> 
> No. A Coda realm is definitely a totally different thing than a Cdoa
> volume. 
> 
>> http://www.coda.cs.cmu.edu/trac/wiki/CodaHOWTO/Introduction 
> 
> Oh terrible thing, they call a Coda realm for "Coda cell" in this
> document.  Really confusing. 
> 
> This page is clearly many years out of date. It is certainly misleading
> for an inexperienced reader.

I think that ought to be the motto for coda. 

It is encouraging to see that it has already been updated. 


Regards,
 -Don
{void} 
Received on 2010-01-21 07:17:08