Coda File System

Re: modular clog + kerberos uid mis-match

From: <u+codalist-wk5r_at_chalmers.se>
Date: Mon, 8 Mar 2010 09:20:20 +0100
Hi Don,

On Wed, Mar 03, 2010 at 02:57:42PM -0800, Don disguised as root wrote:
> >What does your /vice/auth2/AuthLog say at the time of clog?
> 
> 18:13:01        vid = 83886
> 18:13:01 AuthNewConn(0x7da9cdba, 0, 66, 2, 83886)
> 22:11:47        vid = 484
> 22:11:47 AuthNewConn(0x72199dd5, 0, 66, 2, 484) 
> 
> Where is coda getting this ID?  Clearly it believes there is a 484, but 
> executing:  pdbtool export /tmp/file1 /tmp/file2; grep 484 /tmp/file?
> results in null output. 

It is Kerberos who produces the account name from the ticket the auth
daemon acquires with the help of the data sent by the client. If Kerberos
would happen to produce a string "484", then the suthentication daemon
takes it literally and transforms to the numerical id.

To make it easier to analyze I wouls ask you to make the corresponding
clog using Coda password. You do not have to change anything in the setup,
just create a password for an account and tell clog to use the codapassword
method.

> >Does it happen even if you use Coda password authentication?
> 
> Yes.  I don't have the output handy on that one, but there's no change. 

I would like to see both the command log on the client and the authd log
on the server.

> Very much waiting for assistance on this one. 

Let us make the situation as simple as possible. Would you avoid
using any .codafs/clog/.... and supply all of the options on the command line?

Regards,
Rune
Received on 2010-03-08 03:21:05