[OpenAFS] Off-topic, anyone tried this?

Michael Lasevich openafslist@lasevich.net
Tue, 21 May 2002 15:38:37 -0700

I checked path, it was fine. I did not think this was an issue because I was
already getting errors from aklog, so it was running.

I added -d flag to be passed to aklog and got this output:

(afscell is the name of the cell, afsserver is the name of the server and
REALM is AD Realm name. (These are not the actual values, I replaced them.))
Authenticating to cell afscell (server afsserver.afscell).
We've deduced that we need to authenticate to realm REALM.
Getting tickets: afs/afscell@REALM
Kerberos error code returned by get_cred: 22
aklog: Couldn't get afscell AFS tickets:
aklog: Invalid argument while getting AFS tickets
I am suspecting it is something

> Make sure that you have changed the path in the pam_openafs_session.c to
> correct one for aklog.
> Also see my previous mail about the ordering.

Order is correct, but just in case, here is the "system-auth" file (extra
set of eyes alwasy helps)

BTW, does anyone know which module sets the home dir? I get homedir not
found BEFORE aklog runs, thus even if it does work, I'll have a problem with
home dirs.

# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        sufficient    /lib/security/pam_krb5afs.so use_first_pass tokens
auth        required      /lib/security/pam_deny.so

account     required      /lib/security/pam_unix.so

password    required      /lib/security/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/pam_unix.so nullok use_authtok md5
shadow nis
password    sufficient    /lib/security/pam_krb5afs.so use_authtok debug
password    required      /lib/security/pam_deny.so

session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so
session     optional      /lib/security/pam_krb5afs.so debug
session     optional      /lib/security/pam_openafs_session.so debug

Thank you.