similar to: Kerberos/GSSAPI support

We are looking for a replacement enterprise file system to handle storage needs for our campus. For the past 10 years, we have been happily using DFS (the distributed file system component of DCE), but unfortunately IBM killed off that product and we have been running without support for over a year now. We have looked at a variety of possible options, none of which have proven fruitful. We are

I''m currently prototyping a Solaris file server that will dish out user home directories and group project directories via NFSv4 and Samba. I have samba configured and integrated into our local active directory, with ACL mapping working. I''m a little confused as to the behavior of the ZFS ACL though. on a brand-new filesystem, touching a file results in: -rw-r--r-- 1 root

I'm trying to get Samba 3.0.28 to work as an MS Dfs root providing a share that links home directories to the actual servers they reside on. Unfortunately, when I access the share from a Windows XP client, and try to open one of the directories, the client gives an error that it "refers to a location that is unavailable". I've done a lot of searching, and found a number of

I have Dovecot2 auth setup to run as user = doveauth group = dovecot configured in, vi conf.d/10-master.conf ... service auth { unix_listener /var/spool/postfix/private/auth { user = postfix group = postfix mode = 0660 } user = doveauth group = dovecot } service auth-worker { user = doveauth group = dovecot } ... When I start Dovecot, ls -al

We are running dovecot to provide authentication for postfix, using two mysql servers in a multi-master replication set as the password source: ---------------------------------------- # 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 2.6.37-gentoo-r4 x86_64 Gentoo Base System release 2.0.2 auth_mechanisms = plain login digest-md5 cram-md5 auth_verbose = yes passdb { args =

All, I assume this issue is pretty old given the time ZFS has been around. I have tried searching the list but could not get understand the structure of how ZFS actually takes snapshot space into account. I have a user walter on whom I try to do the following ZFS operations bash-3.00# zfs get quota store/catB/home/walter NAME PROPERTY VALUE SOURCE

I'm running 2.0.17 and I'm still seeing a decent amount of "MySQL server has gone away" errors, despite having multiple hosts defined in my auth userdb 'connect'. This is Debian Lenny 32-bit and I'm seeing the same thing with 2.0.16 on Debian Squeeze 64-bit. E.g.: Jan 12 20:30:33 auth-worker: Error: mysql: Query failed, retrying: MySQL server has gone away Our mail

An updated version of my patch for Kerberos v5 support is now available from http://www.sxw.org.uk/computing/patches/openssh-2.5.2p1-krb5.patch This patch includes updated Kerberos v5 support for protocol version 1, and also adds GSSAPI support for protocol version 2. Unlike the Kerberos v5 code (which will still not interoperate with ssh.com clients and servers), the GSSAPI support is based on

I've now completed updating my patches for GSSAPI in protocol v2 to OpenSSH 3.1p1 See http://www.sxw.org.uk/computing/patches/openssh.html As previously, you will need to apply the protocol v1 krb5 patch before the GSSAPI one, and run autoreconf from an autoconf later than 2.52 There are a number of improvements and minor bug fixes over previous patches. However, due to protocol changes this

An updated version of my GSSAPI patches for OpenSSH 2.9p1 is finally available from http://www.sxw.org.uk/computing/patches/openssh.html These patches fix a bug with the hash calculation which will break interoperation with earlier versions - sorry! This release supports both Kerberos and GSI (thanks to Von Welch for the GSI support) mechanisms, and the code in it has now been widely tested

I note with interest that Kerberos support is now available (for the version 1 protocol, at least) in OpenSSH 2.9.9p2. However, it does not build with MIT Kerberos, due to the usual Heimdal/MIT library differences. These look, by and large, like the same problems I encountered when porting Dan Kouril's patch to MIT Kerberos - so I'm having a go at fixing them (my GSSAPI patches need

I was wondering if there was any news on the patches proposed by Ed Plese last year regarding updates for shadow copies to be better compatible with Solaris ZFS: http://lists.samba.org/archive/samba-technical/2007-February/051510.html Reviewing the release notes for the upcoming 3.2 release: http://us3.samba.org/samba/ftp/pre/WHATSNEW-3-2-0pre2.txt I don't see any mention of changes to

The latest version of my patches providing GSSAPI support for OpenSSH is available from http://www.sxw.org.uk/computing/patches/openssh.html These patches provide support for authentication mechanisms such as Kerberos and GSI with version 2 of the SSH protocol. They are conditionally compliant with draft-ietf-secsh-gsskeyex-03.txt, with the optional error message passing and host key validation

An updated version of my GSSAPI patches is now available for use with OpenSSH 3.4p1. This version also includes support for running with privsep enabled. The patches are available from http://www.sxw.org.uk/computing/patches/openssh.html These patches provide support for Kerberos and GSI authentication and credential passing with version 2 of the SSH protocol. They implement the protocol

While thinking about ZFS as the next generation filesystem without limits I am wondering if the real world is ready for this kind of incredible technology ... I''m actually speaking of hardware :) ZFS can handle a lot of devices. Once in the import bug (http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6761786) is fixed it should be able to handle a lot of disks. I want to

http://bugzilla.mindrot.org/show_bug.cgi?id=1008 simon at sxw.org.uk changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |simon at sxw.org.uk ------- Comment #5 from simon at sxw.org.uk 2006-08-19 08:28 ------- There isn't an easy fix for this, at

http://bugzilla.mindrot.org/show_bug.cgi?id=1218 Summary: GSSAPI client code permits SPNEGO usage Product: Portable OpenSSH Version: 4.3p2 Platform: Other OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Kerberos support AssignedTo: bitbucket at mindrot.org ReportedBy:

Portable OpenSSH 2.9p2 has just been uploaded and shall be making its way to the mirrors listed at http://www.openssh.com/portable.html shortly. This release fixes the "cookies" file deletion problem reported on BUGTRAQ as well as a few other minor (non-security) bugs. No new features have been added in this release. Regards, Damien Miller -- | Damien Miller <djm at

Portable OpenSSH 2.9p2 has just been uploaded and shall be making its way to the mirrors listed at http://www.openssh.com/portable.html shortly. This release fixes the "cookies" file deletion problem reported on BUGTRAQ as well as a few other minor (non-security) bugs. No new features have been added in this release. Regards, Damien Miller -- | Damien Miller <djm at

I'm working with the Solaris bundled version of samba 3.5.5 and having a problem with server signing. samba is configured into an active directory domain with security = ads. With signing enabled, connections from clients in the domain work fine. However, connections from clients not in the domain fail: ----- >net use /user:WIN\henson \\ike.unx.csupomona.edu\henson Enter the password for