Invoke Command On Boot

Discussion in 'Mac Programming' started by whatlifeforme, Sep 7, 2011.

  1. whatlifeforme macrumors member

    Jul 10, 2011
    What is the best way of accomplishing this task?

    I use OpenAFS to access disk space offered through my univeristy. I have a folder on my desktop to give me direct access.

    However, in order to access the space, I must use the command "klog username" and follow with a password in terminal. This "authenticates," me or obtains a token.

    I want to do this automatically on boot, or when I click the folder. What is the best way of doing this. I was going to save the command as a ".command," then run on startup, but two (2) problems.

    1) it's not a single command, but after klog username, it must enter a password.
    2) i don't want to save the password in plain text.

    What is the most efficient way of accomplishing this task? I am sure there are many convoluted ways of doing this, but i want to minimize overhead.
  2. larkost macrumors 6502a

    Oct 13, 2007
    First off, you don't want this at boot, you want this at login. This is an important distinction, since the AFS token applies to your user, not your computer.

    There is not going to be any way of avoiding providing a password, and any way that you could script up is going to have to have the password embedded into it. Your AFS administrator (rightly) requires you to authenticate, and saving passwords is really bad security.

    It is in theory possible to create a binary that would use the AFS codebase and also be able to use the keychain (so you could stash you password there), but that is probably out-of-scope for this problem.

    My advice: just suck it up and keep going.
  3. itsmrjon macrumors regular

    Jun 11, 2011
    I'm not familiar with openafs.. is the entire process done through terminal?
    do you have the ability to use an rsa key in place of a password?
  4. foidulus macrumors 6502a

    Jan 15, 2007
    That would be the best solution(not familiar with klog so I am not sure what kind of API they provide), but its not the only solution. If you are really ambitious you probably can fake a TTY and input the password stored in the keychain that way, but that certainly would require a decent knowledge of C.

Share This Page