* [9fans] Could factotum call secstorefecth() on demand?
@ 2002-06-18 17:11 FJ Ballesteros
0 siblings, 0 replies; 2+ messages in thread
From: FJ Ballesteros @ 2002-06-18 17:11 UTC (permalink / raw)
To: 9fans
If you boot from kfs, IFAIK, this is the order in which
things happen:
- boot asks for boot method (local, in this case).
- boot starts factotum
- factotum can't dial the secstore and forgets about using it.
- termrc configures ipifc
- you boot and try to mount things
- factotum asks for keys since there's no secstore.
I have been starting a second factotum from my profile so that
it could dial the secstore and use it.
But, wouldn't it be possible to make factotum execute the
if(trysecstore) {
if (havesecstore() == 1)
...
code on demand, when it needs a key that is not present?
In case that would be reasonable, where should such call be made?
Or is there a better way I'm missing?
thanks
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [9fans] Could factotum call secstorefecth() on demand?
@ 2002-06-18 17:10 Russ Cox
0 siblings, 0 replies; 2+ messages in thread
From: Russ Cox @ 2002-06-18 17:10 UTC (permalink / raw)
To: 9fans
The problem is that then factotum would have the
secstore key, and we've been treating that key as
somehow even more important than what factotum
typically holds.
We really don't want that one to be usable at will.
My profile contains something like:
ipaddr=`{netstat -i | sed 1q | awk '{print $3}'}
if(! ~ $#ipaddr 1)
ipaddr=none
switch($service) {
case terminal
switch($ipaddr) {
case none
;
case *
if(~ `{wc -l </mnt/factotum/ctl} 0)
auth/secstore -G factotum | read -m >/mnt/factotum/ctl
}
}
to load factotum from secstore without starting
a new one.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2002-06-18 17:11 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2002-06-18 17:11 [9fans] Could factotum call secstorefecth() on demand? FJ Ballesteros
-- strict thread matches above, loose matches on Subject: below --
2002-06-18 17:10 Russ Cox
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).