int
k_afs_cell_of_file(const char *path, char *cell, int len)
int
k_hasafs(void)
int
k_hasafs_recheck(void)
int
k_pioctl(char *a_path, int o_opcode, struct ViceIoctl *a_paramsP, int a_followSymlinks)
int
k_setpag(void)
int
k_unlog(void)
void
kafs_set_verbose(void (*func)(void *, const char *, int), void *)
int
kafs_settoken_rxkad(const char *cell, struct ClearToken *token, void *ticket, size_t ticket_len)
int
kafs_settoken(const char *cell, uid_t uid, CREDENTIALS *c)
krb_afslog(char *cell, char *realm)
int
krb_afslog_uid(char *cell, char *realm, uid_t uid)
krb5_error_code
krb5_afslog_uid(krb5_context context, krb5_ccache id, const char *cell, krb5_const_realm realm, uid_t uid)
int
kafs_settoken5(const char *cell, uid_t uid, krb5_creds *c)
krb5_error_code
krb5_afslog(krb5_context context, krb5_ccache id, const char *cell, krb5_const_realm realm)
)
initializes some library internal structures, and tests for the
presence of AFS in the kernel, none of the other functions should be
called before
k_hasafs()
is called, or if it fails.
k_hasafs_recheck()
forces a recheck if a AFS client has started since last time
k_hasafs()
or
k_hasafs_recheck()
was called.
kafs_set_verbose()
set a log function that will be called each time the kafs library does
something important so that the application using libkafs can output
verbose logging.
Calling the function
kafs_set_verbose
with the function argument set to
NULL
will stop libkafs from calling the logging function (if set).
kafs_settoken_rxkad()
set
rxkad
with the
token
and
ticket
(that have the length
ticket_len)
for a given
cell.
kafs_settoken()
and
kafs_settoken5()
work the same way as
kafs_settoken_rxkad()
but internally converts the Kerberos 4 or 5 credential to a afs
cleartoken and ticket.
krb_afslog(),
and
krb_afslog_uid()
obtains new tokens (and possibly tickets) for the specified
cell
and
realm.
If
cell
is
NULL,
the local cell is used. If
realm
is
NULL,
the function tries to guess what realm to use. Unless you have some good knowledge of what cell or realm to use, you should pass
NULL.
krb_afslog()
will use the real user-id for the
ViceId
field in the token,
krb_afslog_uid()
will use
uid.
krb5_afslog(),
and
krb5_afslog_uid()
are the Kerberos 5 equivalents of
krb_afslog(),
and
krb_afslog_uid().
krb5_afslog(),
kafs_settoken5()
can be configured to behave differently via a
krb5_appdefault
option
afs-use-524
in
krb5.conf.
Possible values for
afs-use-524
are:
Example:
[appdefaults]
SU.SE = { afs-use-524 = local }
PDC.KTH.SE = { afs-use-524 = yes }
afs-use-524 = yes
libkafs will use the
libkafs
as application name when running the
krb5_appdefault
function call.
The (uppercased) cell name is used as the realm to the krb5_appdefaultfunction.
k_afs_cell_of_file()
will in
cell
return the cell of a specified file, no more than
len
characters is put in
cell.
k_pioctl()
does a
pioctl()
system call with the specified arguments. This function is equivalent to
lpioctl().
k_setpag()
initializes a new PAG.
k_unlog()
removes destroys all tokens in the current PAG.
)
returns 1 if AFS is present in the kernel, 0 otherwise.
krb_afslog()
and
krb_afslog_uid()
returns 0 on success, or a Kerberos error number on failure.
k_afs_cell_of_file(),
k_pioctl(),
k_setpag(),
and
k_unlog()
all return the value of the underlaying system call, 0 on success.
AFS_SYSCALL
if (k_hasafs()) {
char cell[64];
k_setpag();
if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0)
krb_afslog(cell, NULL);
krb_afslog(NULL, NULL);
}
))
is called without AFS being present in the kernel, the process will
usually (depending on the operating system) receive a SIGSYS signal.
AFS_SYSCALL
has no effect under AIX.