Coda File System

Re: modular clog + kerberos

From: root <coda_at_voidembraced.net>
Date: Thu, 21 Jan 2010 12:51:28 -0800
>> At first it asks for the account and password of a user with sufficient
>> privileges. The user has to be a member of System:Administrators.
>> 
>> "realmadmin" is such an account, and the installation script tells you
>> the password :)
> 
> Unfortunately, I do not have that password.  In the interest of time,
> I'll assume that there is no way to reset this password and will
> reinstall coda.  Once I have the password, I'll create my non-realmadmin
> admin for kerberos auth, and my non-realmadmin admin for password auth.

Shut down codaservice, moved /vice out of the way and ran the installer
again.  The installer reported the standard coda password upon completion
(not randomly generated as I had assumed).  As such, I shut down the new
codaservice, deleted the new /vice, moved the old /vice back in place, and
started codaservice.

The following is the au dialog: 

[root_at_sandbox2 ~]# au -h sandbox2.host.domain nu
Your Vice name: realmadmin
Your password: [default coda admin pw]
RPC2_Bind() --> RPC2_SUCCESS
Vice user: coda_admin_w_pw
New password: [random_known_pw]
New info: temp user
AuthNewUser() --> AUTH_SUCCESS 


Hooray, success!
Next, try to auth using clog from client host: 

[root_at_sandbox3 ~]# clog -method codapassword coda_admin_w_pw_at_coda.realm 
 -tokenserver sandbox2.host.domain 370
Password for coda_admin_w_pw/default_at_coda.realm: [random_known_pw]
[root_at_sandbox3 ~]# ctokens 

Tokens [local user id: root] 

[root_at_sandbox3 ~]# ll /coda
total 0
[root_at_sandbox3 ~]# ll /coda/coda.realm
lrw-r--r-- 1 root 65534 16 2010-01-20 21:12 /coda/coda.realm -> #@coda.realm
[root_at_sandbox3 ~]# ll /coda
total 0 


Logs show successful auth:
[root_at_sandbox2 ~]# cat /vice/auth2/AuthLog
20:29:14 	vid = realmadmin_uid
20:29:14 AuthNewConn(0x17c366d5, 0, 66, 2, realmadmin_uid)
20:31:39 	vid = coda_admin_w_pw_uid
20:31:39 AuthNewConn(0xa7e2f2b, 0, 66, 2, coda_admin_w_pw_uid) 

sandbox2:/vice/srv/SrvErr = 0 bytes 

sandbox2:/vice/srv/SrvLog =
20:23:58 File Server started Thu Jan 21 20:23:58 2010 

20:23:59 New Data Base received
20:30:03 New Data Base received 


The sandbox2:/vice/server.conf still has the Kerberos lines uncommented;
shall I comment them out?  There is also this auth2-related line, which was
uncommented while following instructions for Kerberos:
AUTH2=authd-auth2

 

What do I do next? 


Regards,
 -Don
{void} 
Received on 2010-01-21 15:52:17