From: Dan Cross <cross@math.psu.edu>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] pwd
Date: Wed, 15 Aug 2001 12:33:59 -0400 [thread overview]
Message-ID: <200108151633.MAA07522@augusta.math.psu.edu> (raw)
In-Reply-To: <cej-1010815163141.A02421@cejchan.gli.cas.cz>
In article <cej-1010815163141.A02421@cejchan.gli.cas.cz> you write:
>It is a single machine running plan9 in the whole LAN; thus it should
>serve everything: cpu, file, auth ... Do I have to configure auth
>services manually?
Well, if it's set up as a terminal, and using the default
/rc/bin/termrc, then it won't start the auth services, and you'd have
to configure it otherwise. Likewise with serving kfs.
If it's the only plan 9 machine on the network, you have a chicken and
egg problem when it boots up; it's the kernel that asks for your
password and expects to be able to talk to the auth server to validate
it. But, if you haven't started the auth server, and you clearly
haven't since you haven't started any user processes yet, it'll have
nothing to validate against.
CPU servers get around this by either not asking for a password at all
and having a local KFS file system (started by the kernel) off of which
they'll start the auth server, or, if talking to a file server, by
timing out and saying, ``okay, I'll use the key that's in my nvram to
authenticate myself to the file server....'' (the file server also
knows it's own key, so that's okay) and then starting up the auth
server.
Terminals expect that an auth server already is running, and will fail
to start if they can't get a valid password (unless they're configured
to start up standalone, using kfs, which again ist started by the
kernel, in which case we're back where we started, where whatever
password you enter is essentially meaningless, thus the idea of
changing it is also meaningless).
Does that make sense? (Other 9fans, did I make any mistakes in my
description above? Please feel free to correct me; I don't want to
spread falsehoods out of ignorance. :-)
- Dan C.
next prev parent reply other threads:[~2001-08-15 16:33 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-08-14 11:40 pac
2001-08-14 14:48 ` Dan Cross
2001-08-15 14:31 ` pac
2001-08-15 16:33 ` Dan Cross [this message]
2001-08-15 16:44 ` Lucio De Re
2001-08-15 17:55 ` Dan Cross
2001-08-16 14:23 ` pac
2001-08-17 16:04 ` Dan Cross
2001-08-14 16:22 Russ Cox
2001-08-15 14:26 ` pac
2001-08-16 1:05 forsyth
2001-08-17 16:47 forsyth
2001-08-17 17:59 ` Dan Cross
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200108151633.MAA07522@augusta.math.psu.edu \
--to=cross@math.psu.edu \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).