9fans - fans of the OS Plan 9 from Bell Labs
 help / color / mirror / Atom feed
* Re: [9fans] auth/login
@ 2002-11-22  1:28 okamoto
  2002-11-22  1:47 ` Andrew
  0 siblings, 1 reply; 10+ messages in thread
From: okamoto @ 2002-11-22  1:28 UTC (permalink / raw)
  To: 9fans

> Factotum sort of broke login.
>
> When you run login, your process becomes owned by the new id.
> However, unless the factotum you are using is owned by a userid
> that can 'speak for' other uid's, your new process can't authenticate
> to any resources off of your machine.

I have same problem when I use auth/login at our full system,
however, I don't have no problem when I use the same command
in my home two PCs system (Auth/kfs + terminals).  I wonder what
is the difference between these two cases.

Kenji



^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [9fans] auth/login
  2002-11-22  1:28 [9fans] auth/login okamoto
@ 2002-11-22  1:47 ` Andrew
  0 siblings, 0 replies; 10+ messages in thread
From: Andrew @ 2002-11-22  1:47 UTC (permalink / raw)
  To: 9fans

On Fri, Nov 22, 2002 at 10:28:48AM +0900, okamoto@granite.cias.osakafu-u.ac.jp wrote:
> > Factotum sort of broke login.
> >
> > When you run login, your process becomes owned by the new id.
> > However, unless the factotum you are using is owned by a userid
> > that can 'speak for' other uid's, your new process can't authenticate
> > to any resources off of your machine.
>
> I have same problem when I use auth/login at our full system,
> however, I don't have no problem when I use the same command
> in my home two PCs system (Auth/kfs + terminals).  I wonder what
> is the difference between these two cases.
>
well the only thing different there is the file server, so possibly in
the way it speaks with factotum vs the way kfs speaks to factotum. just
a guess though.


^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [9fans] auth/login
@ 2002-11-22  3:04 okamoto
  0 siblings, 0 replies; 10+ messages in thread
From: okamoto @ 2002-11-22  3:04 UTC (permalink / raw)
  To: 9fans

> On Fri, Nov 22, 2002, okamoto@granite.cias.osakafu-u.ac.jp wrote:
>> I meant if user id is the only reason of that problem, why we see difference
>> between real full syatem and Auth/kfs system...
>
> You run as hostowner on the auth/kfs system, no?

No, I'm running auth/kfs server as name 'venus'
which responds to 'bootes' for many users, and has different user ID
from 'okamoto' running terminal, and is that hostowner.

Kenji



^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [9fans] auth/login
  2002-11-22  2:16 okamoto
@ 2002-11-22  2:26 ` William Josephson
  0 siblings, 0 replies; 10+ messages in thread
From: William Josephson @ 2002-11-22  2:26 UTC (permalink / raw)
  To: 9fans

On Fri, Nov 22, 2002, okamoto@granite.cias.osakafu-u.ac.jp wrote:
> I meant if user id is the only reason of that problem, why we see difference
> between real full syatem and Auth/kfs system...

You run as hostowner on the auth/kfs system, no?


^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [9fans] auth/login
@ 2002-11-22  2:16 okamoto
  2002-11-22  2:26 ` William Josephson
  0 siblings, 1 reply; 10+ messages in thread
From: okamoto @ 2002-11-22  2:16 UTC (permalink / raw)
  To: 9fans

> On Fri, Nov 22, 2002 at 10:28:48AM +0900, okamoto@granite.cias.osakafu-u.ac.jp wrote:
>> > Factotum sort of broke login.
>> >
>> > When you run login, your process becomes owned by the new id.
>> > However, unless the factotum you are using is owned by a userid
>> > that can 'speak for' other uid's, your new process can't authenticate
>> > to any resources off of your machine.
>>
>> I have same problem when I use auth/login at our full system,
>> however, I don't have no problem when I use the same command
>> in my home two PCs system (Auth/kfs + terminals).  I wonder what
>> is the difference between these two cases.
>>
> well the only thing different there is the file server, so possibly in
> the way it speaks with factotum vs the way kfs speaks to factotum. just
> a guess though.

I meant if user id is the only reason of that problem, why we see difference
between real full syatem and Auth/kfs system...

Kenji



^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [9fans] auth/login
@ 2002-11-22  1:42 okamoto
  0 siblings, 0 replies; 10+ messages in thread
From: okamoto @ 2002-11-22  1:42 UTC (permalink / raw)
  To: 9fans

> however, I don't have no problem when I use the same command
> in my home two PCs system (Auth/kfs + terminals).
should be
>however, I have no problem when I use the same command
> in my home two PCs system (Auth/kfs + terminals).

Yes, I'm a speaker of Japanglish. :-)

Kenji



^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [9fans] auth/login
@ 2002-11-21 14:06 presotto
  0 siblings, 0 replies; 10+ messages in thread
From: presotto @ 2002-11-21 14:06 UTC (permalink / raw)
  To: 9fans

[-- Attachment #1: Type: text/plain, Size: 460 bytes --]

Factotum sort of broke login.

When you run login, your process becomes owned by the new id.
However, unless the factotum you are using is owned by a userid
that can 'speak for' other uid's, your new process can't authenticate
to any resources off of your machine.

One way around this is to run factotum as the new user and they
rebuild your name space.  I need to think about this.

In trying this out, I think I found an authentication bug also...

[-- Attachment #2: Type: message/rfc822, Size: 2040 bytes --]

From: Andrew <afrayedknot@thefrayedknot.armory.com>
To: 9fans@cse.psu.edu
Subject: [9fans] auth/login
Date: Wed, 20 Nov 2002 23:41:45 -0800
Message-ID: <20021121074145.GA27486@thefrayedknot.armory.com>

im having trouble getting this command to work the way i think its
supposed to.  in the man page it says that it allows you to change
your authenticated id. So if im understanding this right, if I booted
up as user A, and need to quickly do something as user B, i can type
auth/login B, enter the password, and do things as user B from within
that namespace. However when I do this, I have no permissions anywhere,
even to /usr/B/

i guess am i just totally missing the point of that command? or is
something misconfigured?

thanks
Andrew

misc background:
my plan 9 network has an auth server, cpu server, file server and diskless
terminal. This exchange occured on the terminal.

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [9fans] auth/login
@ 2002-11-21  7:41 Andrew
  0 siblings, 0 replies; 10+ messages in thread
From: Andrew @ 2002-11-21  7:41 UTC (permalink / raw)
  To: 9fans

im having trouble getting this command to work the way i think its
supposed to.  in the man page it says that it allows you to change
your authenticated id. So if im understanding this right, if I booted
up as user A, and need to quickly do something as user B, i can type
auth/login B, enter the password, and do things as user B from within
that namespace. However when I do this, I have no permissions anywhere,
even to /usr/B/

i guess am i just totally missing the point of that command? or is
something misconfigured?

thanks
Andrew

misc background:
my plan 9 network has an auth server, cpu server, file server and diskless
terminal. This exchange occured on the terminal.



^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [9fans] auth/login
@ 2002-10-09 20:57 presotto
  0 siblings, 0 replies; 10+ messages in thread
From: presotto @ 2002-10-09 20:57 UTC (permalink / raw)
  To: 9fans

[-- Attachment #1: Type: text/plain, Size: 143 bytes --]

Fixed and updated on sources.  Login wasn't rforking the name space so
that the second time, you were connected to your own factotum as alice.

[-- Attachment #2: Type: message/rfc822, Size: 1513 bytes --]

From: "Kenji Arisawa" <arisawa@ar.aichi-u.ac.jp>
To: 9fans@cse.psu.edu
Subject: [9fans] auth/login
Date: Thu, 3 Oct 2002 12:26:18 +0900
Message-ID: <37235bb1538fe9956d3e2e6944fa0718@ar.aichi-u.ac.jp>

auth/login fails in second time.

# first time
term% auth/login alice
Password:
% term%
# second time
term% auth/login alice
Password:
login failed: writing alice@alice@ML+xzkTj/PheMyJu+tqjIpamzu4= to #¤/capuse: capability must match user
term%

^ permalink raw reply	[flat|nested] 10+ messages in thread

* [9fans] auth/login
@ 2002-10-03  3:26 Kenji Arisawa
  0 siblings, 0 replies; 10+ messages in thread
From: Kenji Arisawa @ 2002-10-03  3:26 UTC (permalink / raw)
  To: 9fans

auth/login fails in second time.

# first time
term% auth/login alice
Password:
% term%
# second time
term% auth/login alice
Password:
login failed: writing alice@alice@ML+xzkTj/PheMyJu+tqjIpamzu4= to #¤/capuse: capability must match user
term%



^ permalink raw reply	[flat|nested] 10+ messages in thread

end of thread, other threads:[~2002-11-22  3:04 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2002-11-22  1:28 [9fans] auth/login okamoto
2002-11-22  1:47 ` Andrew
  -- strict thread matches above, loose matches on Subject: below --
2002-11-22  3:04 okamoto
2002-11-22  2:16 okamoto
2002-11-22  2:26 ` William Josephson
2002-11-22  1:42 okamoto
2002-11-21 14:06 presotto
2002-11-21  7:41 Andrew
2002-10-09 20:57 presotto
2002-10-03  3:26 Kenji Arisawa

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).