[OpenAFS] Re: pam-afs-session 1.3 released
Joe Buehler
aspam@cox.net
Tue, 17 Apr 2007 17:43:01 -0400
Looking at the pam_krb5.1 module supplied with HPUX I see
the following string in it:
KRB5CCNAME=%s
Here's an excerpt from the HP man page for pam_krb5:
Authentication Module
The authentication module verifies the user identity and sets the user
credentials. It passes the authentication key derived from the user's
password to the Kerberos security service. The security service uses
the authentication key to verify the user and issues a ticket-granting
ticket. The credential management function sets user specific
credentials. It stores the credentials in a cache file and exports the
environment variable KRB5CCNAME to identify the cache file. The cache
file is stored in /tmp directory. This module creates a unique cache
file for every session. The credential cache file can be destroyed
using the Session management module.
So I am guessing that the module uses the standard UNIX environment
API instead of the PAM-specific API and trivial changes for this
will make it work.
Joe Buehler