[OpenAFS] Re: Ubuntu 10.04 Login Issues

Thomas Calderon calderon.thomas@gmail.com
Wed, 22 Dec 2010 21:53:13 +0100


--00032557a4d60dc29f049805f1da
Content-Type: text/plain; charset=UTF-8

Hi again,

Good to know I'm not alone in this boat, I'll give a shot with a local
Xauthority and fall back to xlock in case I'm not satisfied with the
outcome. Anyway many thanks for the answers you all provided, this mailing
list sure is useful.

Merry Christmas to all!

Thomas.

On Wed, Dec 22, 2010 at 8:58 PM, Andrew Deason <adeason@sinenomine.net>wrote:

> On Wed, 22 Dec 2010 14:35:05 -0500 (EST)
> "Thomas M. Payerle" <payerle@umd.edu> wrote:
>
> > I do not see any good ways to get around this.  Allowing something
> > w/out user's tokens read access to ~/.Xauthority seems rather
> > questionable, plus awkward as needs some access to ~ as well.  Could
> > probably hack gnome-screensaver to pass the magic cookie, etc. to the
> > dialog process to avoid it requiring access to ~/.Xauthority, but I
> > doubt gnome-screensaver maintainers would be interested in supporting
> > that sort of change for a small user base of AFS users.
>
> Store the user's Xauthority on local disk, not in AFS (/tmp, /var/tmp,
> et al work fine). GDM and other display managers have an option for
> this; it's typically recommended whenever $HOME is on any network
> filesystem.
>
> --
> Andrew Deason
> adeason@sinenomine.net
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>

--00032557a4d60dc29f049805f1da
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hi again,<br><br>Good to know I&#39;m not alone in this boat, I&#39;ll give=
 a shot with a local Xauthority and fall back to xlock in case I&#39;m not =
satisfied with the outcome. Anyway many thanks for the answers you all prov=
ided, this mailing list sure is useful.<br>
<br>Merry Christmas to all!<br><br>Thomas.<br><br><div class=3D"gmail_quote=
">On Wed, Dec 22, 2010 at 8:58 PM, Andrew Deason <span dir=3D"ltr">&lt;<a h=
ref=3D"mailto:adeason@sinenomine.net">adeason@sinenomine.net</a>&gt;</span>=
 wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin: 0pt 0pt 0pt 0.8ex; borde=
r-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"><div class=3D"im"=
>On Wed, 22 Dec 2010 14:35:05 -0500 (EST)<br>
&quot;Thomas M. Payerle&quot; &lt;<a href=3D"mailto:payerle@umd.edu">payerl=
e@umd.edu</a>&gt; wrote:<br>
<br>
&gt; I do not see any good ways to get around this. =C2=A0Allowing somethin=
g<br>
&gt; w/out user&#39;s tokens read access to ~/.Xauthority seems rather<br>
&gt; questionable, plus awkward as needs some access to ~ as well. =C2=A0Co=
uld<br>
&gt; probably hack gnome-screensaver to pass the magic cookie, etc. to the<=
br>
&gt; dialog process to avoid it requiring access to ~/.Xauthority, but I<br=
>
&gt; doubt gnome-screensaver maintainers would be interested in supporting<=
br>
&gt; that sort of change for a small user base of AFS users.<br>
<br>
</div>Store the user&#39;s Xauthority on local disk, not in AFS (/tmp, /var=
/tmp,<br>
et al work fine). GDM and other display managers have an option for<br>
this; it&#39;s typically recommended whenever $HOME is on any network<br>
filesystem.<br>
<div class=3D"im"><br>
--<br>
Andrew Deason<br>
<a href=3D"mailto:adeason@sinenomine.net">adeason@sinenomine.net</a><br>
<br>
_______________________________________________<br>
</div><div><div></div><div class=3D"h5">OpenAFS-info mailing list<br>
<a href=3D"mailto:OpenAFS-info@openafs.org">OpenAFS-info@openafs.org</a><br=
>
<a href=3D"https://lists.openafs.org/mailman/listinfo/openafs-info" target=
=3D"_blank">https://lists.openafs.org/mailman/listinfo/openafs-info</a><br>
</div></div></blockquote></div><br>

--00032557a4d60dc29f049805f1da--