[OpenAFS-devel] pam_gssklog on solaris9

[Rong,Yongjun(CS)]

Hi,
  The execle(gssklog_exec, "gssklog","-silent",0,env) in gssklog_pag_klog
has benn called. But it returns errno= 13 which means permission denied. I
have checked the permission of the gssklog and pam_gssklog.so.1. All are
755. I can run gssklog manully via command line. But the pam_gssklog.so
cannot call gssklog via execle.
  Anyone has any suggestions?
  Thanks.
  Rong

-----Original Message-----
From: openafs-devel-admin@openafs.org
[mailto:openafs-devel-admin@openafs.org]On Behalf Of Rong,Yongjun(CS)
Sent: Monday, June 14, 2004 2:35 PM
To: openafs-devel@openafs.org
Subject: RE: [OpenAFS-devel] pam_gssklog on solaris9


I have got the pam_sm_setcred called when a user login. But pam_gss_klog
seems cannot call gssklog_pag_klog function.
 I got below debug information before gssklog_pag_klog be called:
Jun 14 14:26:27 tset dtlogin[7216]: [ID 868606 user.debug] pam_gssklog:
env=KRB5CCNAME=FILE:/tmp/krb5cc_2079_X7aago
Jun 14 14:26:27 tset dtlogin[7216]: [ID 868606 user.debug] pam_gssklog:
set_pag=1

I have checked the /tmp/krb5cc_2079_X7aago is correct. But it seems
gssklog_pag_klog is not called even there is a function call from
pam_gssklog as below:
 gssklog_pag_klog(set_pag, env);
I have put some debug inside the hssklog_pag_klog.c, but no any information
was print.
Thanks for your suggestions.
Rong

-----Original Message-----
From: openafs-devel-admin@openafs.org
[mailto:openafs-devel-admin@openafs.org]On Behalf Of Rong,Yongjun(CS)
Sent: Thursday, June 10, 2004 5:02 PM
To: Rong,Yongjun(CS); openafs-devel@openafs.org
Subject: RE: [OpenAFS-devel] pam_gssklog on solaris9


I have got pam_sm_setcred called by PAM framework after I changed my
pam.conf as below:
dtlogin   auth requisite          pam_authtok_get.so.1 debug
#dtlogin   auth required           pam_dhkeys.so.1 debug
#dtlogin   auth   sufficient    pam_unix_auth.so.1 debug use_first_pass
dtlogin   auth    required      pam_krb5.so debug forwardable realmm=TTU.EDU
use_first_pass
dtlogin   auth required       pam_gssklog.so.1 debug

-----Original Message-----
From: openafs-devel-admin@openafs.org
[mailto:openafs-devel-admin@openafs.org]On Behalf Of Rong,Yongjun(CS)
Sent: Thursday, June 10, 2004 3:51 PM
To: openafs-devel@openafs.org
Subject: [OpenAFS-devel] pam_gssklog on solaris9


Hi, All,
  I have another problem for the pam_gssklog. It seems the pam_sm_setcred
cannot be called during the process of login. My pam.conf for dtlogin is as
below:

dtlogin   auth requisite          pam_authtok_get.so.1 debug
dtlogin   auth required           pam_dhkeys.so.1 debug
dtlogin   auth   sufficient    pam_unix_auth.so.1 debug use_first_pass
dtlogin   auth    optional      pam_krb5.so debug forwardable realmm=TTU.EDU
use_first_pass
dtlogin   auth optional       pam_gssklog.so.1 debug

pam_kr5b.so is work fine. After the user login, I can klist the tickets. But
the pam_gssklog is not work well. From the debug information, the
pam_sm_setcred is not be called.
Any suggestions, Thanks in advanced.
Rong



_______________________________________________
OpenAFS-devel mailing list
OpenAFS-devel@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-devel

_______________________________________________
OpenAFS-devel mailing list
OpenAFS-devel@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-devel

_______________________________________________
OpenAFS-devel mailing list
OpenAFS-devel@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-devel