[OpenAFS] xscreensaver locks at 2nd try to unlock
Thomas Mueller
thomas.mueller@hrz.tu-chemnitz.de
Tue, 27 Nov 2001 07:26:35 +0100 (MET)
On Mon, 26 Nov 2001, Marc Schmitt wrote:
> On http://www.tu-chemnitz.de/urz/afs/afs_pam.html, it says that=20
> set_token should only be used if the application does NOT call=20
> pam_setcred(), I took it out of system-auth, but it didn`t change=20
> anything. Any hints welcome. Thanks.
For screensavers it should be better to use "refresh_token", because you
want to have a new token within the old PAG.
We use this configuration (on Redhat 6.2) for xscreensaver:
% cat /etc/pam.d/xscreensaver
auth sufficient /lib/security/pam_afs.krb.so.1 ignore_root refres=
h_token
auth required /lib/security/pam_pwdb.so try_first_pass
%
and it works for us.
Thomas.
--=20
-----------------------------------------------------------------------
Thomas M=FCller, TU Chemnitz, Universit=E4tsrechenzentrum, D-09107 Chemni=
tz
mail: Thomas.Mueller@hrz.tu-chemnitz.de
-----------------------------------------------------------------------