[OpenAFS] aklog PAM module

Martin Schulz schulz@iwrmm.math.uni-karlsruhe.de
31 May 2001 17:27:51 +0200


Charles Clancy <mgrtcc@cs.rose-hulman.edu> writes:

> In a Kerberized AFS environment, you can use a Kerberos PAM module (such
> as the one that comes with Solaris 8) to allow logins, but there
> apparently hasn't been anything that will run aklog to get an AFS token
> for you automatically.  You can put aklog in your system login script, or
> you can use some of the patched daemons that come the migration kit, but
> that won't work if you're trying to support ProFTPd or UW-IMAP.
> 
> So, I wrote a simple little PAM module that when used in conjunction with
> Kerberos PAM will get a TGT and AFS token for users logging in, regardless
> of what service they using.
> 
> It's downloadable via:
> ftp://ftp.cs.rose-hulman.edu/pub/misc/pam-aklog/pam-aklog-1.0.tar.gz
> 
> I've tested it with RedHat 7.1 and Solaris 8 (sparc).

Oh, I have a problem on my Rh7.1 box: 

$ make
cc -c pam_aklog.c -o pam_aklog.o
pam_aklog.c: In function `pam_sm_open_session':
pam_aklog.c:35: warning: passing arg 2 of `pam_get_user' from incompatible pointer type
ld -G pam_aklog.o -lpam -o pam_aklog.so


and when using it, I get in my messages:

May 31 17:09:44 iwr07 login[25360]: PAM unable to resolve symbol:
 pam_sm_close_session

Yours,
-- 
Martin Schulz                             schulz@iwrmm.math.uni-karlsruhe.de
Uni Karlsruhe, Institut f. wissenschaftliches Rechnen u. math. Modellbildung
Engesser Str. 6, 76128 Karlsruhe