RELEASE NOTE for Fermi Kerberos v0_2
The chief user-visible addition is that the Kerberos login (login.krb5) and kinit programs will now get AFS tokens for you if the appdefaults section of your /etc/krb5.conf so directs. When installing on an AFS client, use the "-q afs" qualifier to select the AFS-aware version of the product.
One note: at present, the AFS token you get will expire at the same time as your Kerberos ticket, which is 13 hours rather than our usual AFS token lifetime. If you renew your Kerberos ticket with "kinit -R" you'll need to run the new command "aklog" to get a new AFS token too. This tedium will be fixed in the next release.
If you upgrade from v0_1, the companion krb5conf product will overwrite your /etc/krb5.conf. if you've made local changes to that file "below the line", merge them afterward from the saved copy that will be produced by the new installation.
Your /etc/krb5.keytab will not be affected.
I encourage experimentation with copying /usr/local/sbin/login.krb5 to /bin/login. (Save your original /bin/login first!) In production mode, that should be a normal part of configuring a machine for the strengthened realm.