int
k_afs_cell_of_file(
const char *path
, char *cell
, int len
)
int
k_hasafs(
void
)
int
k_hasafs_recheck(
void
)
int
k_pioctl(
char *a_path
, int o_opcode
, struct ViceIoctl *a_paramsP
, int a_followSymlinks
)
int
k_setpag(
void
)
int
k_unlog(
void
)
void
kafs_set_verbose(
void (*func)(void *, const char *, int)
, void *
)
int
kafs_settoken_rxkad(
const char *cell
, struct ClearToken *token
, void *ticket
, size_t ticket_len
)
int
kafs_settoken(
const char *cell
, uid_t uid
, CREDENTIALS *c
)
krb_afslog(
char *cell
, char *realm
)
int
krb_afslog_uid(
char *cell
, char *realm
, uid_t uid
)
krb5_error_code
krb5_afslog_uid(
krb5_context context
, krb5_ccache id
, const char *cell
, krb5_const_realm realm
, uid_t uid
)
int
kafs_settoken5(
const char *cell
, uid_t uid
, krb5_creds *c
)
krb5_error_code
krb5_afslog(
krb5_context context
, krb5_ccache id
, const char *cell
, krb5_const_realm realm
)
)
initializes some library internal structures, and tests for the
presence of AFS in the kernel, none of the other functions should be
called before
k_hasafs(
)
is called, or if it fails.
k_hasafs_recheck()
forces a recheck if a AFS client has started since last time
k_hasafs(
)
or
k_hasafs_recheck(
)
was called.
kafs_set_verbose()
set a log function that will be called each time the kafs library does
something important so that the application using libkafs can output
verbose logging.
Calling the function
kafs_set_verbose
with the function argument set to
NULL
will stop libkafs from calling the logging function (if set).
kafs_settoken_rxkad()
set
rxkad
with the
token
and
ticket
(that have the length
ticket_len
)
for a given
cell
.
kafs_settoken()
and
kafs_settoken5(
)
work the same way as
kafs_settoken_rxkad(
)
but internally converts the Kerberos 4 or 5 credential to a afs
cleartoken and ticket.
krb_afslog(),
and
krb_afslog_uid(
)
obtains new tokens (and possibly tickets) for the specified
cell
and
realm
.
If
cell
is
NULL
,
the local cell is used. If
realm
is
NULL
,
the function tries to guess what realm to use. Unless you have some good knowledge of what cell or realm to use, you should pass
NULL
.
krb_afslog()
will use the real user-id for the
ViceId
field in the token,
krb_afslog_uid()
will use
uid
.
krb5_afslog(),
and
krb5_afslog_uid(
)
are the Kerberos 5 equivalents of
krb_afslog(
),
and
krb_afslog_uid(
).
krb5_afslog(),
kafs_settoken5(
)
can be configured to behave differently via a
krb5_appdefault
option
afs-use-524
in
krb5.conf
.
Possible values for
afs-use-524
are:
Example:
[appdefaults]
SU.SE = { afs-use-524 = local }
PDC.KTH.SE = { afs-use-524 = yes }
afs-use-524 = yes
libkafs will use the
libkafs
as application name when running the
krb5_appdefault
function call.
The (uppercased) cell name is used as the realm to the krb5_appdefaultfunction.
k_afs_cell_of_file()
will in
cell
return the cell of a specified file, no more than
len
characters is put in
cell
.
k_pioctl()
does a
pioctl(
)
system call with the specified arguments. This function is equivalent to
lpioctl(
).
k_setpag()
initializes a new PAG.
k_unlog()
removes destroys all tokens in the current PAG.
)
returns 1 if AFS is present in the kernel, 0 otherwise.
krb_afslog(
)
and
krb_afslog_uid(
)
returns 0 on success, or a Kerberos error number on failure.
k_afs_cell_of_file(
),
k_pioctl(
),
k_setpag(
),
and
k_unlog(
)
all return the value of the underlaying system call, 0 on success.
AFS_SYSCALL
if (k_hasafs()) {
char cell[64];
k_setpag();
if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0)
krb_afslog(cell, NULL);
krb_afslog(NULL, NULL);
}
))
is called without AFS being present in the kernel, the process will
usually (depending on the operating system) receive a SIGSYS signal.
AFS_SYSCALL
has no effect under AIX.