[OpenAFS] PAM and tokens on login
Ramanan Sankaran
rsankara@umich.edu
Sun, 01 Jul 2001 15:40:42 -0400
This is a newbie question.
I run Redhat7.1 and installed Openafs rpms. AFS works fine now.
I followed the Quick-Beginnings guide and made changes to enable AFS
login.
My /etc/pam.d/login is....
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_afs.so try_first_pass
ignore_root
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
When i telnet to my pc from any other host, upon logging in, i
automatically have the tokens for AFS access.
But when i login from console (the nice xlogin screen from redhat), i
need to run "klog" and enter my password again for AFS access. How can i
get tokens for without having to run klog again? The password that i
used while logging in from console is my AFS password (so the
authentication is through pam_afs only).
I made the same changes to my /etc/pam.d/xdm file also....
#%PAM-1.0
auth required /lib/security/pam_nologin.so
auth sufficient /lib/security/pam_afs.so try_first_pass
ignore_root
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
I wasnt sure if xdm is the right file. But this change doesnt help me.
Will anyone be kind enuf to let me know what needs to be done for this.
Thanks!
Ramanan.