[Twisted-Python] Re: bad AFS/Twisted interaction (was: Starting MoinMoin as nonroot Linux User)

Garrett Rolfs stage3 at us.ibm.com
Fri Jan 28 15:27:05 EST 2005


Itamar Shtull-Trauring <itamar at itamarst.org> writes:

> On Fri, 2005-01-28 at 11:04 -0500, James Y Knight wrote:
> 
> > A quick fix is to comment out twisted/scripts/twistd.py:160:     
> > shedPrivileges(config['euid'], process.uid, process.gid)
> > which is useless when not running as root.
> 
> Can we get in a long term fix for 2.0?

That would be great.  It turns out my problem is/was the same as the
folks at MIT.  My linux box is an AFS client.  A person in my
department that is our resident AFS expert informed me that AFS uses
the first 2 group slots to store the AFS PAG (Process Authentication
Group) identifier for the user.  This is for 2.4 and older kernels.  I
don't know if it is the same for 2.6 kernels.  I know the OpenAFS
folks are in the process of redoing PAGs because of 2.6 kernel
changes.

For now.  Commenting out the the call to shedPrivileges works for me.

-Garrett Rolfs





More information about the Twisted-Python mailing list