[OpenAFS] Re: Need help: Tokens stop working

Daniel Richard G. danielg@teragram.com
Fri, 9 Oct 2009 13:16:21 -0400

> -----Original Message-----
> From: openafs-info-admin@openafs.org [mailto:openafs-
> info-admin@openafs.org] On Behalf Of Andrew Deason
> So you have gid-based PAGs; do you know if your kernel
> also has keyring
> support? 'keyctl show' should show an afs PAG key, if
> we're using that.

Yes indeed:

$ keyctl show
Session Keyring
       -3 --alswrv      0 10000  keyring: _ses.3871
1003800021 ----s--v      0     0   \_ afs_pag: _pag

> We've seen some odd behavior in some situations when
> gid and keyring
> PAG tracking are both in use. I've never seen issues
> with it and SSH,
> though, and if your tokens are lasting longer than 10
> minutes, that's
> probably not the problem.

It's a layer I was unaware of, at least. I'll try looking at the keyring the 
next time I get the odd token behavior.

Any other ideas as to what kind of poking and prodding I can do when the AFS 
token isn't working as it should?