Ticket #415 (new enhancement)

Opened 12 years ago

Last modified 8 years ago

Write authenticator daemon to conspire with PyHesiodFS to get tokens

Reported by: broder Owned by:
Priority: low Milestone: The Distant Future
Component: -- Keywords:
Cc: Fixed in version:
Upstream bug:

Description

One of the few things we still need an attach command for is acquiring tokens.

So we should eliminate that need.

We could write a daemon that starts in each PAG/session, and registers itself with PyHesiodFS as the authenticator for all processes in the PID tree under PID n. Then whenever a process accesses a mountpoint in PyHesiodFS, it could grab the PID in fuse.FuseGetContext() and walk up the process tree until it finds a PID it knows an authenticator for.

It could then somehow (DBus? something else?) send a signal to the authenticator, which would acquire tokens for the correct cell if it didn't have them already.

This could also somehow deal with zephyr subscriptions as well, thus completely eliminating the need for attach to be a slightly clever combination of stat() and symlink()

Change History

comment:1 Changed 8 years ago by achernya

This is a questionable idea, because it basically turns the target into rpc.gssd, which is Wrong.

Note: See TracTickets for help on using tickets.