[OpenAFS] RHEL v.3 krb5/afs
Derek T. Yarnell
derek@cs.umd.edu
Mon, 10 May 2004 15:14:15 -0400
On Mon, May 10, 2004 at 01:41:45PM -0400, Derrick J Brashear wrote:
> On Mon, 10 May 2004, Derek T. Yarnell wrote:
>
> > May 10 12:34:29 merrimack sshd[6667]: pam_krb5[6667]: obtaining tokens for 'csic.umd.edu'
> > May 10 12:34:29 merrimack sshd[6667]: pam_krb5[6667]: got error 77 (File descriptor in bad state) while obtaining tokens for csic.umd.edu
> > May 10 12:34:29 merrimack sshd[6667]: pam_krb5[6667]: obtaining tokens for 'csic.umd.edu'
> > May 10 12:34:29 merrimack sshd[6667]: pam_krb5[6667]: got error 77 (File descriptor in bad state) while obtaining tokens for csic.umd.edu
>
> i'll bet this is using krbafs and that it's doing something dumb like
> returning a krb4 error
> #define TKT_FIL_ACC 77 /* Couldn't access tkt file */
>
> strace it and see where you get EACCES or EPERM, probably.
Alright well I have gotten further, I get this error:
May 10 14:55:38 merrimack su[7019]: pam_krb5[7019]: obtaining afs tokens
May 10 14:55:38 merrimack su[7019]: pam_krb5[7019]: obtaining tokens for 'csic.umd.edu'
May 10 14:55:38 merrimack su[7019]: pam_krb5[7019]: got error 76 (Name not unique on network) while obtaining tokens for csic.umd.edu
May 10 14:55:38 merrimack su[7019]: pam_krb5[7019]: obtaining tokens for 'csic.umd.edu'
May 10 14:55:38 merrimack su[7019]: pam_krb5[7019]: got error 76 (Name not unique on network) while obtaining tokens for csic.umd.edu
This seems to be the error, there is no ticket file, and this is
correct. I have no tkt file for krb4.
If I replace the pam_krb5afs module with pam_krb5 1.3rc8 version 1.33
from my redhat 9 clients, I can get it to work fine.
Arghh!
--
---
Derek T. Yarnell
University of Maryland
Computer Science Department Unix Staff
derek@cs.umd.edu