From mboxrd@z Thu Jan 1 00:00:00 1970 From: Dan Cross Message-Id: <200108151633.MAA07522@augusta.math.psu.edu> To: 9fans@cse.psu.edu Subject: Re: [9fans] pwd In-Reply-To: References: <200108141448.KAA02421@augusta.math.psu.edu> Cc: Date: Wed, 15 Aug 2001 12:33:59 -0400 Topicbox-Message-UUID: dd2aa7b0-eac9-11e9-9e20-41e7f4b1d025 In article you write: >It is a single machine running plan9 in the whole LAN; thus it should >serve everything: cpu, file, auth ... Do I have to configure auth >services manually? Well, if it's set up as a terminal, and using the default /rc/bin/termrc, then it won't start the auth services, and you'd have to configure it otherwise. Likewise with serving kfs. If it's the only plan 9 machine on the network, you have a chicken and egg problem when it boots up; it's the kernel that asks for your password and expects to be able to talk to the auth server to validate it. But, if you haven't started the auth server, and you clearly haven't since you haven't started any user processes yet, it'll have nothing to validate against. CPU servers get around this by either not asking for a password at all and having a local KFS file system (started by the kernel) off of which they'll start the auth server, or, if talking to a file server, by timing out and saying, ``okay, I'll use the key that's in my nvram to authenticate myself to the file server....'' (the file server also knows it's own key, so that's okay) and then starting up the auth server. Terminals expect that an auth server already is running, and will fail to start if they can't get a valid password (unless they're configured to start up standalone, using kfs, which again ist started by the kernel, in which case we're back where we started, where whatever password you enter is essentially meaningless, thus the idea of changing it is also meaningless). Does that make sense? (Other 9fans, did I make any mistakes in my description above? Please feel free to correct me; I don't want to spread falsehoods out of ignorance. :-) - Dan C.