Store AFS cell configuration at authz.afs.cells instead of just

author Evan Broder <broder@mit.edu>

Tue, 8 Dec 2009 02:33:43 +0000 (21:33 -0500)

committer Evan Broder <broder@mit.edu>

Tue, 8 Dec 2009 02:33:43 +0000 (21:33 -0500)
author Evan Broder <broder@mit.edu>
Tue, 8 Dec 2009 02:33:43 +0000 (21:33 -0500)
committer Evan Broder <broder@mit.edu>
Tue, 8 Dec 2009 02:33:43 +0000 (21:33 -0500)
diff --git a/python/invirt/authz/locker.py b/python/invirt/authz/locker.py

index 7982f8d..cbfc28a 100644 (file)
--- a/python/invirt/authz/locker.py
+++ b/python/invirt/authz/locker.py
@@ -58,7 +58,7 @@ def expandAdmin(name, owner):
      administrator is always interpreted as an AFS entry (either a user
      or a group) in the home cell (athena.mit.edu for XVM).
      """
      administrator is always interpreted as an AFS entry (either a user
      or a group) in the home cell (athena.mit.edu for XVM).
      """
-    cell = config.authz.cells[0].cell
+    cell = config.authz.afs.cells[0].cell
      auth = _authenticate(cell)
      return _expandGroup(name, cell=cell, auth=auth)
  
      auth = _authenticate(cell)
      return _expandGroup(name, cell=cell, auth=auth)
  
@@ -84,7 +84,7 @@ def _authenticate(cell):
      which authenticate directly against the machine's home realm and
      cells distantly related to the machine's home realm.
      """
      which authenticate directly against the machine's home realm and
      cells distantly related to the machine's home realm.
      """
-    for c in config.authz.cells:
+    for c in config.authz.afs.cells:
          if c.cell == cell and not c.auth:
              return False
  
          if c.cell == cell and not c.auth:
              return False
author	Evan Broder <broder@mit.edu>
	Tue, 8 Dec 2009 02:33:43 +0000 (21:33 -0500)
committer	Evan Broder <broder@mit.edu>
	Tue, 8 Dec 2009 02:33:43 +0000 (21:33 -0500)