From mboxrd@z Thu Jan 1 00:00:00 1970 Message-Id: <200703251156.l2PBujR12676@zamenhof.cs.utwente.nl> To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu> Subject: Re: [9fans] factotum/802.1x catch 22? In-reply-to: Your message of "Thu, 22 Mar 2007 06:38:11 +0200." <9321241f7154cd4cd7fab6579c8916b0@proxima.alt.za> References: <9321241f7154cd4cd7fab6579c8916b0@proxima.alt.za> From: Axel Belinfante MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <12672.1174823805.1@zamenhof.cs.utwente.nl.cs.utwente.nl> Date: Sun, 25 Mar 2007 13:56:45 +0200 Topicbox-Message-UUID: 30b2ebb0-ead2-11e9-9d60-3106f5b1d025 > > reseiving it it will also trigger an attempt to access > > secstore if it wanted to do that on startup but couldn't > > (like because there was no network configured yet.) > > That is also a useful function in itself and I see no risks in it. > If you add it in as a separate function, make sure we can add the > location of the secstore. I'm a bit unsure what is best regarding secstore; I hesitate to replicate functionality we alread have, and we already have the possibility of doing: auth/secstore -G factotum | read -m >/mnt/factotum/ctl what you say seems to imply 'copying' (functionality of) secstore(1) flags, like '-s server'. but then, where to stop? do we also need something like -g/-G for the filename? that would allow e.g. echo secstore -s server -G filename >/mnt/factotum/ctl but then, what about e.g. -n? the more I think about it, the less certain I become. It was suggested to me off-list to use a shell script as boot program for more flexibility. in that case doing the auth/secstore + read to deal with secstore would be trivial. > Mind you, that might be necessary in the > "authaddr" command, too, possibly as an option. Axel.