[OpenAFS] httpd -setpag problems?!
Russ Allbery
rra@stanford.edu
Thu, 10 Jul 2008 23:08:30 -0700
"TIARA System Man" <sysman@tiara.sinica.edu.tw> writes:
> BUT, i modify "/etc/rc.d/init.d/httpd" file as following :
> (omit)
> PRE_CMD1="/usr/kerberos/bin/kinit -l 1d -k -t /etc/httpd/conf/http.keytab
> HTTP/lesoleil.tiara.sinica.edu.tw"
> PRE_CMD2="/usr/bin/aklog -d -setpag"
> POST_CMD="/usr/kerberos/bin/kdestroy"
aklog -setpag doesn't work with modern kernels in various different ways,
one of which being that it can set up a PAG and then not get a token. I
suspect that's your problem.
You probably want to use k5start:
http://www.eyrie.org/~eagle/software/kstart/
Then you can replace your invocation here:
> $PRE_CMD1 ; $PRE_CMD2
> LANG=$HTTPD_LANG daemon $httpd $OPTIONS
> RETVAL=$?
> echo
> [ $RETVAL = 0 ] && touch ${lockfile}
> $POST_CMD
> return $RETVAL
with:
k5start -b -l 1d -tUf /etc/httpd/conf/http.keytab -- \
env LANG=$HTTP_LANG $httpd $OPTIONS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch ${lockfile}
return $RETVAL
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>