[OpenAFS-devel] gdm + OpenAFS + linux 2.4.x + rh7.0?

Erik Burckart erik@burckart.org
Fri, 30 Mar 2001 19:02:10 -0500 

After some basic troubleshooting...I am not convinced this is the pam module
alone. <original message below>  It doesn't work with other afs pam modules
that were running fine on a 2.2 machine.  I took a 2.2 machine that worked
just fine...rebooted into a 2.4 kernel changing only the kernel module (to
OpenAFS 1.0.3) and afsd.  (I also tried changing everything...which didn't
work.)  The error that shows up is a simple one in /var/log/messages :

Mar 30 15:44:02 ejburcka PAM_unix[722]: (system-auth) session opened for user
ejburcka by (uid=0)
Mar 30 15:44:02 ejburcka gdm[722]: gdm_slave_session_start: ejburcka on :0
Mar 30 15:44:02 ejburcka gdm[722]: gdm_auth_user_add: /afs/<my home directory>
is writable by other.
Mar 30 15:44:02 ejburcka gdm[1255]: gdm_slave_session_init: Directory /afs/<my
home directory>/.gnome does not exist.
Mar 30 15:44:03 ejburcka PAM_unix[722]: (system-auth) session closed for user
ejburcka

So, it looks as if it isn't getting proper credentials before searching for
this directory.  If anyone has any insight that would be
appreciated...otherwise I will search for it myself.  I currently believe that
it is, at very least, not pam alone.

-E

>>>>
Subject:
          [OpenAFS] gdm + OpenAFS + linux 2.4.x + rh7.0?
      Date:
          Fri, 30 Mar 2001 16:06:36 -0500
     From:
          Erik J Burckart <erik@burckart.org>
       To:
          openafs-info@openafs.org


For whatever reason...I cannot login as an afs user to a GNOME or KDE
session from gdm with OpenAFS 1.0.3 or 1.0.2.  I have tried this on 2 RH
7.0 machines with Linux kernels 2.4.0 and 2.4.2.  Now, I can login on a
terminal and start X up.  The problem seems to be that something is not
getting tokens to read the correct files out of AFS space quickly
enough.  As far as pam configuration, I only added the one afs line
"auth  sufficient  /lib/security/pam_afs.so ignore_root try_first_pass"
as the first line in /etc/pam.d/system-auth.

I am going to further look into this, but thought I would throw this out
there in case anyone else had seen this.

-E