[OpenAFS] significant delay for afs user to login as root via su

[ematlis@yahoo.com]

I added "debug" to the session stack as so:=0A=0Asession     required      =
pam_afs_session.so program=3D/usr/bin/aklog debug=0A=0AHowever, logging in =
via su only produces this in /var/log/secure:=0A=0AMar 17 17:22:25 aerogold=
 su: pam_unix(su:session): session opened for user root by ematlis(uid=3D86=
261)=0A=0Athoughts?=0Aeric=0A=0A=0A--- On Wed, 3/17/10, Russ Allbery <rra@s=
tanford.edu> wrote:=0A=0A> From: Russ Allbery <rra@stanford.edu>=0A> Subjec=
t: Re: [OpenAFS] significant delay for afs user to login as root via su=0A>=
 To: ematlis@yahoo.com=0A> Cc: "Simon Wilkinson" <sxw@inf.ed.ac.uk>, openaf=
s-info@openafs.org=0A> Date: Wednesday, March 17, 2010, 4:17 PM=0A> ematlis=
@yahoo.com=0A> writes:=0A> =0A> > I added debug to the end of this line in=
=0A> /etc/pam.d/system-auth-ac:=0A> =0A> > auth=A0 =A0 =A0 [default=3Ddone]=
=A0=0A> pam_afs_session.so program=3D/usr/bin/aklog debug=0A> =0A> > Howeve=
r, /var/log/secure does not show any more=0A> information that normal.=0A> =
> Do I need to restart some service to "activate" this=0A> change?=0A> =0A>=
 No.=0A> =0A> Did you also add debug to any invocation of pam_afs_session=
=0A> in the session=0A> stack?=A0 In most configurations you're using the=
=0A> regular UNIX root password=0A> for su, so the auth stack pam_afs_sessi=
on invocation, which=0A> is conditional=0A> on Kerberos authentication norm=
ally, never happens.=A0=0A> Only the session=0A> invocation happens.=0A> =
=0A> -- =0A> Russ Allbery (rra@stanford.edu)=A0=0A> =A0 =A0 =A0 =A0 =A0=A0=
=A0<http://www.eyrie.org/~eagle/>=0A> =0A=0A=0A