This is the mail archive of the cygwin@sourceware.cygnus.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

I see my password; help


I'm seeing my password appear on the screen when I authenticate with
AFS.  Let me explain:


BACKGROUND

I have Cygwin-1.0 installed on an windowsNT machine.  I've also got
IBM-Transarc AFS Client installed so that my NT machine can see the
filesystems exported off our big Unix AFS fileservers.

There's a little icon in the system tray that, when clicked, allows me
to enter my AFS pasword, in order to get a fresh token.  (tokens expire
in about a day, and you need to re-authenticate.)  This allows me to
have all WinNT processes share a single AFS token.  Which is nice when I
come in the next day and need to re-authenticate.

But, my cygwin processes do not benefit from this token.  I need to use
the (provided by IBM-Transarc) command-line util to authenticate in my
bash shell, as I would on a normal unix system.


DESCRIPTION OF PROBLEM

When I authenticate, in bash, from the command-line program (called
klog), my password appears on the screen in the bash window.  I don't
want my password to appear on the screen.

My password is NOT visible if I run klog in a dos cmd shell that I start
from the Dos Prompt icon inthe start menu.  However, if I, in a bash
shell, type cmd to start a dos shell, that dos shell will show my
password on the screen.


HOW CAN I FIX THIS?

I see two possibilities.  One is to make the password not appear in a
bash shell.  I don't know enough about terminal handling, especially
when running dos apps, in order to make this work.  For all I know, it
may be easy or it may require re-compiling the AFS software.

The other is to re-compile cygwin1.dll in order to be AFS-aware.

I'd be happy with either solution.  But the latter would be far better,
IMHO. That way, my cygwin apps would benefit from the single,
centralized token that I can renew from the system tray.  There are
other benefits to making cygwin AFS-aware, too.  AFS is a real UNIX-type
filesystem, that has symbolic links and such.

Currently, cygwin sees a symbolic link as an additional copy of the
file/dir that it is linked-to.  This causes problems when editing, from
a cygwin app, files that live on an AFS partition.  The symlink is
unlinked and a copy of the edited file replaces it.  The origional file
remains unchanged.  Obviously non-optimal behavior.  (this is how pure
winNT apps handle such files, but cygwin has the potential to be less
brain-dead.)

The AFS Client installation comes with a plethora of <afs/*.h> include
files, and an array of .dll's.  It looks like they provide everything
you need to make your apps AFS-aware.  I've never made an AFS-aware
app.  And I don't know what their license terms are, but I'm trying to
find out.  I'd be interested in trying to make a patch to winsup that
would make cygwin1.dll AFS-aware.  (Realistically, I don't know if I
currently have enough background to do this, nor currently the time to
learn.)


Is anyone else out there having the same problems?


AFS PLUG, BECAUSE I THINK IT's REALLY GREAT:

FWIW, AFS is far superior to samba.  It's apparently more secure.  And,
if I have sourcecode in an AFS partition, and compile the .o files into
the AFS partition, things go at least 10 times faster than trying to do
that through samba.  AFS for NT seems to currently use some kind of
write-trough scheme, so if I put the .o files on my local disk, things
are even faster...in fact, if my AFS cache is big enough (simple to
configure), then compiles are as fast, AFAICT, as if the sourcecode is
on my local PC.  Obviously, this is a big win when you need to compile
your multi-platform code on PC's as well as on Unix systems.


Side question: Has anyone out there gotten the AFS patch to ssh to work
under cygwin?  It's bubbling toward the top of my to-try-to-do list. 
This patch allows ssh (client) to pass your AFS token to an AFS-aware
sshd, so that you don't need to AFS-authenticate as soon as ssh gives
you your remote shell.  I think it requires that kerberos be set up.

thanks,

-jeff

--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]