diff --git a/lib/kafs/kafs.3 b/lib/kafs/kafs.3 index 53b41d250..a7cdcd3d9 100644 --- a/lib/kafs/kafs.3 +++ b/lib/kafs/kafs.3 @@ -5,20 +5,18 @@ .Dt KAFS 3 .Sh NAME .Nm k_hasafs , -.Nm k_afsklog , -.Nm k_afsklog_uid , .Nm k_pioctl , .Nm k_unlog , .Nm k_setpag , -.Nm k_afs_cell_of_file +.Nm k_afs_cell_of_file , +.Nm krb_afslog , +.Nm krb_afslog_uid +\" .Nm krb5_afslog , +\" .Nm krb5_afslog_uid .Nd AFS library .Sh SYNOPSIS .Fd #include .Ft int -.Fn k_afsklog "char *cell" "char *realm" -.Ft int -.Fn k_afsklog_uid "char *cell" "char *realm" "uid_t uid" -.Ft int .Fn k_afs_cell_of_file "const char *path" "char *cell" "int len" .Ft int .Fn k_hasafs @@ -28,6 +26,14 @@ .Fn k_setpag .Ft int .Fn k_unlog +.Ft int +.Fn krb_afslog "char *cell" "char *realm" +.Ft int +.Fn krb_afslog_uid "char *cell" "char *realm" "uid_t uid" +\" .Ft krb5_error_code +\" .Fn krb5_afslog_uid "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" "uid_t uid" +\" .Ft krb5_error_code +\" .Fn krb5_afslog "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" .Sh DESCRIPTION .Fn k_hasafs initializes some library internal structures, and tests for the @@ -36,9 +42,9 @@ called before .Fn k_hasafs is called, or if it fails. -.Fn k_afsklog , +.Fn krb_afslog , and -.Fn k_afsklog_uid +.Fn krb_afslog_uid obtains new tokens (and possibly tickets) for the specified .Fa cell and @@ -53,14 +59,29 @@ is .Dv NULL , the function tries to guess what realm to use. Unless you have some good knowledge of what cell or realm to use, you should pass .Dv NULL . -.Fn k_afsklog +.Fn krb_afslog will use the real user-id for the .Dv ViceId field in the token, -.Fn k_afsklog_uid +.Fn krb_afslog_uid will use .Fa uid . +\" .Fn krb5_afslog , +\" and +\" .Fn krb5_afslog_uid +\" are the Kerberos 5 equivalents of +\" .Fn krb_afslog , +\" and +\" .Fn krb_afslog_uid . +\" The extra arguments are the ubiquitous context, and the cache id where +\" to store any obtained tickets. Since AFS servers normally can't handle +\" Kerberos 5 tickets directly, these functions will first obtain version +\" 5 tickets for the requested cells, and then convert them to version 4 +\" tickets, that can be stashed in the kernel. To convert tickets the +\" .Fn krb524_convert_creds_kdc +\" function will be used. + .Fn k_afs_cell_of_file will in .Fa cell @@ -84,9 +105,9 @@ removes destroys all tokens in the current PAG. .Sh RETURN VALUES .Fn k_hasafs returns 1 if AFS is present in the kernel, 0 otherwise. -.Fn k_afsklog +.Fn krb_afslog and -.Fn k_afsklog_uid +.Fn krb_afslog_uid returns 0 on success, or a kerberos error number on failure. .Fn k_afs_cell_of_file , .Fn k_pioctl , @@ -104,8 +125,8 @@ if (k_hasafs()) { char cell[64]; k_setpag(); if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0) - k_afsklog(cell, 0); - k_afsklog(0, 0); + krb_afslog(cell, NULL); + krb_afslog(NULL, NULL); } .Ed .Sh ERRORS