[OpenAFS] significant delay for afs user to login as root via su

ematlis@yahoo.com ematlis@yahoo.com
Thu, 18 Mar 2010 05:20:03 -0700 (PDT)


This is what I see in /var/log/debug:=0A=0AMar 18 08:19:55 aerogold su: (pa=
m_afs_session): pam_sm_open_session: entry (0x0)=0AMar 18 08:19:55 aerogold=
 su: (pam_afs_session): skipping tokens, no Kerberos ticket cache=0AMar 18 =
08:19:55 aerogold su: (pam_afs_session): pam_sm_open_session: exit (success=
)=0AMar 18 08:19:55 aerogold su: pam_unix(su:session): session opened for u=
ser root by ematlis(uid=3D86261)=0A=0AThese entries ocurred as soon as I gi=
ve the root password, however the login doesn't happen until about 45 secon=
ds later.=0A=0ADoes this tell us anything?=0A=0AThanks,=0Aeric=0A=0A--- On =
Thu, 3/18/10, Stephen Quinney <stephen@jadevine.org.uk> wrote:=0A=0A> From:=
 Stephen Quinney <stephen@jadevine.org.uk>=0A> Subject: Re: [OpenAFS] signi=
ficant delay for afs user to login as root via su=0A> To: ematlis@yahoo.com=
=0A> Cc: "Russ Allbery" <rra@stanford.edu>, "Simon Wilkinson" <sxw@inf.ed.a=
c.uk>, openafs-info@openafs.org=0A> Date: Thursday, March 18, 2010, 6:35 AM=
=0A> On Wed, Mar 17, 2010 at 9:25=0A> PM,=A0 <ematlis@yahoo.com>=0A> wrote:=
=0A> > Well, there's nothing in /var/log/messages=0A> either.=A0 As for che=
cking the PAM configuration for su,=0A> can you elaborate?=A0 I'm a beginne=
r at this, so you may=0A> have to provide details.=0A> >=0A> =0A> You proba=
bly need to adjust your syslog settings, most=0A> don't log=0A> 'debug' mes=
sages by default. In rsyslog on F12 I altered=0A> /etc/rsyslog.conf to incl=
ude the following line:=0A> =0A> *.debug=A0 =A0 =A0 =A0 =A0 =A0 =A0=0A> =A0=
 =A0 =A0 =A0 =A0 =A0 =A0 =A0=0A> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0=0A> =A0=A0=
=A0/var/log/debug=0A> =0A> after the *.info line. You then need to do=0A> "=
/etc/init.d/rsyslog=0A> reload", after that messages will appear in /var/lo=
g/debug=0A> from=0A> pam_afs_session=0A> =0A> =0A> Stephen=0A> ____________=
___________________________________=0A> OpenAFS-info mailing list=0A> OpenA=
FS-info@openafs.org=0A> https://lists.openafs.org/mailman/listinfo/openafs-=
info=0A> =0A=0A=0A