kafs(3)

NAME

k_hasafs, k_pioctl, k_unlog, k_setpag, k_afs_cell_of_file, kafs_set_verbose, kafs_settoken_rxkad, kafs_settoken,
krb_afslog,
krb_afslog_uid kafs_settoken5, krb5_afslog, krb5_afslog_uid
- AFS library

LIBRARY

AFS cache manager access library (libkafs5, -lkafs5)

SYNOPSIS

#include <kafs.h>
int
k_afs_cell_of_file(const char *path, char *cell, int len);
int
k_hasafs(void);
int
k_pioctl(char  *a_path,  int  o_opcode,   struct   ViceIoctl
*a_paramsP,
        int a_followSymlinks);
int
k_setpag(void);
int
k_unlog(void);
void
kafs_set_verbose(void  (*func)(void  *,  const char *, int),
void *);
int
kafs_settoken_rxkad(const  char  *cell,  struct   ClearToken
*token,
        void *ticket, size_t ticket_len);
int
kafs_settoken(const char *cell, uid_t uid, CREDENTIALS *c);
krb_afslog(char *cell, char *realm);
int
krb_afslog_uid(char *cell, char *realm, uid_t uid);
krb5_error_code
krb5_afslog_uid(krb5_context  context, krb5_ccache id, const
char *cell,
        krb5_const_realm realm, uid_t uid);
int
kafs_settoken5(const char *cell, uid_t uid, krb5_creds *c);
krb5_error_code
krb5_afslog(krb5_context context, krb5_ccache id, const char
*cell,
        krb5_const_realm realm);

DESCRIPTION

k_hasafs() initializes some library internal structures, and
tests for
the presence of AFS in the kernel, none of the other func
tions should be
called before k_hasafs() is called, or if it fails.
kafs_set_verbose() set a log function that will be called
each time the
kafs library does something important so that the applica
tion using
libkafs can output verbose logging. Calling the function
kafs_set_verbose with the function argument set to NULL will
stop libkafs
from calling the logging function (if set).
kafs_settoken_rxkad() set rxkad with the token and ticket
(that have the
length ticket_len) for a given cell.
kafs_settoken() and kafs_settoken5() work the same way as kafs_settoken_rxkad() but internally converts the Kerberos 4
or 5 credential to a afs cleartoken and ticket.
krb_afslog(), and krb_afslog_uid() obtains new tokens (and
possibly tickets) for the specified cell and realm. If cell is NULL, the
local cell
is used. If realm is NULL, the function tries to guess what
realm to use.
Unless you have some good knowledge of what cell or realm
to use, you
should pass NULL. krb_afslog() will use the real user-id
for the ViceId
field in the token, krb_afslog_uid() will use uid.
krb5_afslog(), and krb5_afslog_uid() are the Kerberos 5
equivalents of
krb_afslog(), and krb_afslog_uid().
krb5_afslog(), kafs_settoken5() can be configured to behave
diffrently
via a krb5_appdefault option afs-use-524 in krb5.conf. Pos
sible values
for afs-use-524 are:
yes use the 524 server in the realm to convert the ticket
no use the Kerberos 5 ticket directly, can be used with
if the afs
cell support 2b token.
local, 2b
convert the Kerberos 5 credential to a 2b token lo
cally (the same
work as a 2b 524 server should have done).
Example:
[appdefaults]
SU.SE = { afs-use-524 = local }
PDC.KTH.SE = { afs-use-524 = yes }
afs-use-524 = yes
libkafs will use the libkafs as application name when run
ning the
krb5_appdefault function call.
The (uppercased) cellname is used as the realm to the
krb5_appdefault
function.
k_afs_cell_of_file() will in cell return the cell of a spec
ified file, no
more than len characters is put in cell.
k_pioctl() does a pioctl() syscall with the specified argu
ments. This
function is equivalent to lpioctl().
k_setpag() initializes a new PAG.
k_unlog() removes destroys all tokens in the current PAG.

RETURN VALUES

k_hasafs() returns 1 if AFS is present in the kernel, 0 oth
erwise.
krb_afslog() and krb_afslog_uid() returns 0 on success, or a
Kerberos
error number on failure. k_afs_cell_of_file(), k_pioctl(),
k_setpag(),
and k_unlog() all return the value of the underlaying system
call, 0 on
success.

ENVIRONMENT

The following environment variable affect the mode of opera
tion of kafs:
AFS_SYSCALL Normally, kafs will try to figure out the cor
rect system
call(s) that are used by AFS by itself. If it
does not manage to do that, or does it incorrectly, you can
set this
variable to the system call number or list of
system call
numbers that should be used.

EXAMPLES

The following code from login will obtain a new PAG and to
kens for the
local cell and the cell of the users home directory.
if (k_hasafs()) {
char cell[64];
k_setpag();
if(k_afs_cell_of_file(pwd->pw_dir, cell, size
of(cell)) == 0)
krb_afslog(cell, NULL);
krb_afslog(NULL, NULL);
}

ERRORS

If any of these functions (apart from k_hasafs()) is called
without AFS
being present in the kernel, the process will usually (de
pending on the
operating system) receive a SIGSYS signal.

SEE ALSO

Transarc Corporation, "File Server/Cache Manager Interface",
AFS-3
Programmer's Reference, 1991.
krb5_appdefaults(3), krb5.conf(5)

BUGS

AFS_SYSCALL has no effect under AIX.
HEIMDAL Mar 17, 2003

HEIMDAL

Copyright © 2010-2025 Platon Technologies, s.r.o.           Home | Man pages | tLDP | Documents | Utilities | About
Design by styleshout