Index: /trunk/packages/invirt-base/python/invirt/authz/locker.py =================================================================== --- /trunk/packages/invirt-base/python/invirt/authz/locker.py (revision 2589) +++ /trunk/packages/invirt-base/python/invirt/authz/locker.py (revision 2590) @@ -59,5 +59,5 @@ or a group) in the home cell (athena.mit.edu for XVM). """ - cell = config.authz.cells[0].cell + cell = config.authz.afs.cells[0].cell auth = _authenticate(cell) return _expandGroup(name, cell=cell, auth=auth) @@ -85,5 +85,5 @@ cells distantly related to the machine's home realm. """ - for c in config.authz.cells: + for c in config.authz.afs.cells: if c.cell == cell and not c.auth: return False Index: /trunk/packages/invirt-database/python/database/validate.py =================================================================== --- /trunk/packages/invirt-database/python/database/validate.py (revision 2589) +++ /trunk/packages/invirt-database/python/database/validate.py (revision 2590) @@ -241,5 +241,5 @@ admin = 'system:' + admin try: - if user in getafsgroups.getAfsGroupMembers(admin, config.authz.cells[0].cell): + if user in getafsgroups.getAfsGroupMembers(admin, config.authz.afs.cells[0].cell): return admin except getafsgroups.AfsProcessError, e: Index: /trunk/packages/invirt-web/code/cache_acls.py =================================================================== --- /trunk/packages/invirt-web/code/cache_acls.py (revision 2589) +++ /trunk/packages/invirt-web/code/cache_acls.py (revision 2590) @@ -40,5 +40,5 @@ return [] try: - return getafsgroups.getAfsGroupMembers(name, config.authz.cells[0].cell) + return getafsgroups.getAfsGroupMembers(name, config.authz.afs.cells[0].cell) except getafsgroups.AfsProcessError: return [] Index: /trunk/packages/invirt-web/code/getafsgroups.py =================================================================== --- /trunk/packages/invirt-web/code/getafsgroups.py (revision 2589) +++ /trunk/packages/invirt-web/code/getafsgroups.py (revision 2590) @@ -31,5 +31,5 @@ def getAfsGroupMembers(group, cell): encrypt = True - for c in config.authz.cells: + for c in config.authz.afs.cells: if c.cell == cell and hasattr(c, 'auth'): encrypt = c.auth Index: /trunk/packages/invirt-web/code/validation.py =================================================================== --- /trunk/packages/invirt-web/code/validation.py (revision 2589) +++ /trunk/packages/invirt-web/code/validation.py (revision 2590) @@ -223,5 +223,5 @@ admin = 'system:' + admin try: - if user in getafsgroups.getAfsGroupMembers(admin, config.authz.cells[0].cell): + if user in getafsgroups.getAfsGroupMembers(admin, config.authz.afs.cells[0].cell): return admin except getafsgroups.AfsProcessError, e: Index: /trunk/packages/invirt-web/invirt-cache-acls =================================================================== --- /trunk/packages/invirt-web/invirt-cache-acls (revision 2589) +++ /trunk/packages/invirt-web/invirt-cache-acls (revision 2590) @@ -1,6 +1,6 @@ #!/bin/sh cells () { - for i in $(invirt-getconf -l authz.cells); do - invirt-getconf authz.cells.$i.cell + for i in $(invirt-getconf -l authz.afs.cells); do + invirt-getconf authz.afs.cells.$i.cell done } Index: /trunk/packages/xvm-devconfig/master.yaml =================================================================== --- /trunk/packages/xvm-devconfig/master.yaml (revision 2589) +++ /trunk/packages/xvm-devconfig/master.yaml (revision 2590) @@ -7,17 +7,18 @@ authz: mech: invirt.authz.locker - cells: - - cell: athena.mit.edu - auth: no - - cell: sipb.mit.edu - auth: yes - - cell: zone.mit.edu - auth: no - - cell: ops.mit.edu - auth: no - - cell: net.mit.edu - auth: no - - cell: dev.mit.edu - auth: no + afs: + cells: + - cell: athena.mit.edu + auth: no + - cell: sipb.mit.edu + auth: yes + - cell: zone.mit.edu + auth: no + - cell: ops.mit.edu + auth: no + - cell: net.mit.edu + auth: no + - cell: dev.mit.edu + auth: no hosts: # hosts on which VMs run Index: /trunk/packages/xvm-prodconfig/master.yaml =================================================================== --- /trunk/packages/xvm-prodconfig/master.yaml (revision 2589) +++ /trunk/packages/xvm-prodconfig/master.yaml (revision 2590) @@ -8,17 +8,18 @@ authz: mech: invirt.authz.locker - cells: - - cell: athena.mit.edu - auth: yes - - cell: sipb.mit.edu - auth: yes - - cell: zone.mit.edu - auth: yes - - cell: ops.mit.edu - auth: no - - cell: net.mit.edu - auth: no - - cell: dev.mit.edu - auth: no + afs: + cells: + - cell: athena.mit.edu + auth: yes + - cell: sipb.mit.edu + auth: yes + - cell: zone.mit.edu + auth: yes + - cell: ops.mit.edu + auth: no + - cell: net.mit.edu + auth: no + - cell: dev.mit.edu + auth: no console: