* [9fans] Factotum
@ 2008-05-03 18:57 Rodolfo kix Garcia
2008-05-03 22:54 ` erik quanstrom
0 siblings, 1 reply; 10+ messages in thread
From: Rodolfo kix Garcia @ 2008-05-03 18:57 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
factotum comes from the Charles Bukowski's book?
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [9fans] Factotum
2008-05-03 18:57 [9fans] Factotum Rodolfo kix Garcia
@ 2008-05-03 22:54 ` erik quanstrom
2008-05-03 23:01 ` Pietro Gagliardi
0 siblings, 1 reply; 10+ messages in thread
From: erik quanstrom @ 2008-05-03 22:54 UTC (permalink / raw)
To: 9fans
> factotum comes from the Charles Bukowski's book?
i thought the reference was older
minooka; dict
*/factotum/
1 Fac*to"tum
*1
Fac*to"tum (făk*tō"tŭm), n.; pl. Factotums (- tŭmz). [L., do
everything; facere to do + totus all : cf. F. factotum. See /Fact/,
and /Total/.] A person employed to do all kinds of work or business.
B. Jonson.
- erik
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [9fans] Factotum
2008-05-03 22:54 ` erik quanstrom
@ 2008-05-03 23:01 ` Pietro Gagliardi
2008-05-04 1:37 ` Russ Cox
0 siblings, 1 reply; 10+ messages in thread
From: Pietro Gagliardi @ 2008-05-03 23:01 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
On May 3, 2008, at 6:54 PM, erik quanstrom wrote:
>> factotum comes from the Charles Bukowski's book?
>
> i thought the reference was older
>
> minooka; dict
> */factotum/
> 1 Fac*to"tum
> *1
> Fac*to"tum (făk*tō"tŭm), n.; pl. Factotums (- tŭmz). [L., do
> everything; facere to do + totus all : cf. F. factotum. See /Fact/,
> and /Total/.] A person employed to do all kinds of work or business.
> B. Jonson.
>
> - erik
>
And that definition relates to the factotum system how? We define it
as so:
Fac*to"tum (făk*tō"tŭm), n.; pl. Factotums (- tŭmz). [L., do
everything; facere to do + totus all : cf. F. factotum. See /Fact/,
and /Total/.] The centralization of anything that has to do
with authentication.
Given the dictionary definition, Plan 9 is a factotum.
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [9fans] Factotum
2008-05-03 23:01 ` Pietro Gagliardi
@ 2008-05-04 1:37 ` Russ Cox
2008-05-04 1:45 ` Pietro Gagliardi
0 siblings, 1 reply; 10+ messages in thread
From: Russ Cox @ 2008-05-04 1:37 UTC (permalink / raw)
To: 9fans
>> Fac*to"tum (făk*tō"tŭm), n.; pl. Factotums (- tŭmz). [L., do
>> everything; facere to do + totus all : cf. F. factotum. See /Fact/,
>> and /Total/.] A person employed to do all kinds of work or business.
>> B. Jonson.
> And that definition relates to the factotum system how?
In the original usage, a factotum meant a servant who acted on
his master's behalf, taking care of all kinds of business.
Plan 9's factotum acts on your behalf, taking care of all kinds
of authentications. It's the single do-all authentication agent,
instead of having a separate SSH agent, SSL agent, Kerberos agent,
and so on.
Russ
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [9fans] Factotum
2008-05-04 1:37 ` Russ Cox
@ 2008-05-04 1:45 ` Pietro Gagliardi
2008-05-04 1:57 ` erik quanstrom
0 siblings, 1 reply; 10+ messages in thread
From: Pietro Gagliardi @ 2008-05-04 1:45 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
On May 3, 2008, at 9:37 PM, Russ Cox wrote:
>>> Fac*to"tum (făk*tō"tŭm), n.; pl. Factotums (- tŭmz). [L., do
>>> everything; facere to do + totus all : cf. F. factotum. See /Fact/,
>>> and /Total/.] A person employed to do all kinds of work or
>>> business.
>>> B. Jonson.
>
>> And that definition relates to the factotum system how?
>
> In the original usage, a factotum meant a servant who acted on
> his master's behalf, taking care of all kinds of business.
>
> Plan 9's factotum acts on your behalf, taking care of all kinds
> of authentications. It's the single do-all authentication agent,
> instead of having a separate SSH agent, SSL agent, Kerberos agent,
> and so on.
>
> Russ
>
>
I just wish it didn't have a bleak memory. Is there a way to force it
to remember passwords for ftpfs?
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [9fans] Factotum
2008-05-04 1:45 ` Pietro Gagliardi
@ 2008-05-04 1:57 ` erik quanstrom
2008-05-04 5:39 ` Bruce Ellis
2008-05-06 9:51 ` roger peppe
0 siblings, 2 replies; 10+ messages in thread
From: erik quanstrom @ 2008-05-04 1:57 UTC (permalink / raw)
To: 9fans
>>
> I just wish it didn't have a bleak memory. Is there a way to force it
> to remember passwords for ftpfs?
it is not factotum's job to provide persistant storage. that would
infringe upon secstore's franchise.
- erik
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [9fans] Factotum
2008-05-04 1:57 ` erik quanstrom
@ 2008-05-04 5:39 ` Bruce Ellis
2008-05-06 9:51 ` roger peppe
1 sibling, 0 replies; 10+ messages in thread
From: Bruce Ellis @ 2008-05-04 5:39 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
no latin? ok. find the monkees episode where the word is used.
it was shown on cable when presto was going in deep. he has support
from re-runs.
brucee
On Sun, May 4, 2008 at 11:57 AM, erik quanstrom <quanstro@quanstro.net> wrote:
> >>
> > I just wish it didn't have a bleak memory. Is there a way to force it
> > to remember passwords for ftpfs?
>
> it is not factotum's job to provide persistant storage. that would
> infringe upon secstore's franchise.
>
>
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [9fans] Factotum
2008-05-04 1:57 ` erik quanstrom
2008-05-04 5:39 ` Bruce Ellis
@ 2008-05-06 9:51 ` roger peppe
2008-05-06 13:57 ` Eric Van Hensbergen
1 sibling, 1 reply; 10+ messages in thread
From: roger peppe @ 2008-05-06 9:51 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
On Sun, May 4, 2008 at 2:57 AM, erik quanstrom <quanstro@quanstro.net> wrote:
> it is not factotum's job to provide persistant storage. that would
> infringe upon secstore's franchise.
that said, i sometimes wish the interface between factotum and secstore
was a bit more slick, particularly when dealing with protocols (such as
inferno's auth(6)) that don't use a password directly, but instead use another
protocol (e.g. login(6)) to generate a long-term key which is the info that you
want factotum to store.
the stuff with ipso, etc, is fine when all the entries are manually generated,
but seems unnecessarily awkward when automatically generated keys are
involved.
i'd like to see a way of asking factotum "please save your keys to secstore",
although there's some difficulty getting it right, as there are
potentially many factotums
to one secstore, or even worse, several secstores.
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [9fans] Factotum
2008-05-06 9:51 ` roger peppe
@ 2008-05-06 13:57 ` Eric Van Hensbergen
2008-05-06 14:08 ` erik quanstrom
0 siblings, 1 reply; 10+ messages in thread
From: Eric Van Hensbergen @ 2008-05-06 13:57 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
On Tue, May 6, 2008 at 4:51 AM, roger peppe <rogpeppe@gmail.com> wrote:
>
> i'd like to see a way of asking factotum "please save your keys to secstore",
> although there's some difficulty getting it right, as there are
> potentially many factotums
> to one secstore, or even worse, several secstores.
>
Plumbing? May not help with multiple secstores and/or factotums but
having multiples of these seems like a bother. Should there be some
way to safely consolidate the services? Or am I just being security
naive?
-eric
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [9fans] Factotum
2008-05-06 13:57 ` Eric Van Hensbergen
@ 2008-05-06 14:08 ` erik quanstrom
0 siblings, 0 replies; 10+ messages in thread
From: erik quanstrom @ 2008-05-06 14:08 UTC (permalink / raw)
To: 9fans
>>
>> i'd like to see a way of asking factotum "please save your keys to secstore",
>> although there's some difficulty getting it right, as there are
>> potentially many factotums
>> to one secstore, or even worse, several secstores.
>>
>
> Plumbing? May not help with multiple secstores and/or factotums but
> having multiples of these seems like a bother. Should there be some
> way to safely consolidate the services? Or am I just being security
> naive?
>
> -eric
one would generally have multiple factotums if logged into two terminals at
the same time.
the cpu hostowner has one factotum per cpu server. coraid, for example, has
~5 main cpu servers.
one would generally have one secstore per authentication domain.
i can't reasonablly merge my home secstore server and the one at work,
even if the network were perfectly reliable.
that being said, i don't think that there really is a problem if the process
of moving keys from factotum to secstore were manually driven, as in
echo dumpkeys secstore.example.com>/mnt/factotum/ctl
another solution would be a command line tool that generates and prints
the long-term key so it can be manually intered into secstore.
i like this solution better because it keeps the information flow
unidirectional. one can trust a factotum too much.
- erik
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2008-05-06 14:08 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2008-05-03 18:57 [9fans] Factotum Rodolfo kix Garcia
2008-05-03 22:54 ` erik quanstrom
2008-05-03 23:01 ` Pietro Gagliardi
2008-05-04 1:37 ` Russ Cox
2008-05-04 1:45 ` Pietro Gagliardi
2008-05-04 1:57 ` erik quanstrom
2008-05-04 5:39 ` Bruce Ellis
2008-05-06 9:51 ` roger peppe
2008-05-06 13:57 ` Eric Van Hensbergen
2008-05-06 14:08 ` erik quanstrom
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).