Re: [9fans] factotum-secstore

Re: [9fans] factotum-secstore

[Eric Grosse]

The correct sequence is:

ramfs -p; cd /tmp
ed factotum
   ...
auth/secstore -s tcp!plan9!5356 -p factotum -u william
mv factotum factotum.original
auth/secstore -s tcp!plan9!5356 -g factotum -u william


It is possible to have a subdirectory /adm/secstore/store/william/tmp/
and that might be useful in some special circumstances, but start with
just a flat layout.  Secstore is intended to bootstrap security,
not to be a general purpose file system.

The daemon secstored writes verbose error messages to stderr;  those
should probably go to /sys/log/auth instead and would have given you
a better clue to what was wrong.  I'll fix the source.

Eric

Re: [9fans] factotum-secstore

[Russ Cox]

Does /adm/secstore/store/william exist?
Does the secstored have permission to write
to the directory?

[9fans] factotum-secstore

[William Gunnells]

Trying to get secstore working.

on auth:
auth/secstored
mkdir /adm/secstore
mkdir /adm/secstore/store
mkdir /adm/secstore/who
auth/secuser william

I'm logged in via term under account william

on term:

touch /tmp/factotum
auth/secstore -s tcp!plan9!5356 -p /tmp/factotum -u
william
ramfs -p; cd /tmp
auth/secstore -s tcp!plan9!5356 -g factotum -u william
secstore password:
secstore
remote file factotum does not exist
secstore failed

The error on cpu/auth shows:

plan9 Sep 23 09:54:07 secstore from 10.56.35.117!31394
plan9 Sep 23 09:54:24 AUTH william
can't open /adm/secstore/store/william/factotum:
'/adm/secstore/store/william/factotum' does not exist

How do I correct this. I'm sure you don't touch the
file in that directory because it won't authenticate a
decrypted file.

__________________________________________________
Do you Yahoo!?
New DSL Internet Access from SBC & Yahoo!
http://sbc.yahoo.com