Coda File System

Re: Automated clog in login scripts

From: Jan Harkes <jaharkes_at_cs.cmu.edu>
Date: Mon, 23 Feb 2004 18:50:17 -0500
On Mon, Feb 23, 2004 at 03:28:30PM -0600, Jason A. Pattie wrote:
> What would it take to setup .login or .bash_login or .bashrc, etc. to
> automatically detect that a user logging in has or does not have a token
> and then prompt them for a token authentication (via clog)?  I'm

You probably wouldn't want to do that in a .bashrc, because then even
non-interactive shells would need to deal with passwords. One problem is
that we really don't know which 'Coda realms' the user might be
interested in having tokens for.

I just added a change to CVS where ctokens will return success/failure
if it is queried for the tokens of a specific realm, i.e.

    ctokens @coda.cs.cmu.edu
    echo $?

    $? == 1  Not Authenticated / token expired
    $? == 0  Valid token

So you could use this as,
    
    realm=myrealm.name
    if ctokens @$realm > /dev/null 2>&1
    then
	clog @$realm
    fi

I'm not sure what the appropriate exit code would be when listing the
tokens for all known realms, so that always returns success. For now the
the following would work pretty much the same way with the existing
ctokens.

    ctokens @realm 2>&1 | grep Expiration > /dev/null
    if [ $? -ne 0 ] ; then clog @realm ; fi

> them enter their passphrase to obtain a valid token.  I will also need
> to know whether they are starting in disconnected mode or not to be able
> to determine (based on hostname, I would assume) if I pull an
> authentication token using '-fromfile' or automatically use '-tofile'.

Hmm, that does complicate things a bit, because disconnection/connection
is really on a per-volume basis, and as such we don't really know
whether we are connected until we try to access the servers.

Maybe add some kind of `(f)ping -c 5 servername` test?

Jan
Received on 2004-02-23 18:51:20