[OpenAFS-devel] pam_gssklog on solaris9
Rong,Yongjun(CS)
rong@cs.ttu.edu
Mon, 14 Jun 2004 17:08:10 -0500
Hi,
The execle(gssklog_exec, "gssklog","-silent",0,env) in gssklog_pag_klog
has benn called. But it returns errno= 13 which means permission denied. I
have checked the permission of the gssklog and pam_gssklog.so.1. All are
755. I can run gssklog manully via command line. But the pam_gssklog.so
cannot call gssklog via execle.
Anyone has any suggestions?
Thanks.
Rong
-----Original Message-----
From: openafs-devel-admin@openafs.org
[mailto:openafs-devel-admin@openafs.org]On Behalf Of Rong,Yongjun(CS)
Sent: Monday, June 14, 2004 2:35 PM
To: openafs-devel@openafs.org
Subject: RE: [OpenAFS-devel] pam_gssklog on solaris9
I have got the pam_sm_setcred called when a user login. But pam_gss_klog
seems cannot call gssklog_pag_klog function.
I got below debug information before gssklog_pag_klog be called:
Jun 14 14:26:27 tset dtlogin[7216]: [ID 868606 user.debug] pam_gssklog:
env=KRB5CCNAME=FILE:/tmp/krb5cc_2079_X7aago
Jun 14 14:26:27 tset dtlogin[7216]: [ID 868606 user.debug] pam_gssklog:
set_pag=1
I have checked the /tmp/krb5cc_2079_X7aago is correct. But it seems
gssklog_pag_klog is not called even there is a function call from
pam_gssklog as below:
gssklog_pag_klog(set_pag, env);
I have put some debug inside the hssklog_pag_klog.c, but no any information
was print.
Thanks for your suggestions.
Rong
-----Original Message-----
From: openafs-devel-admin@openafs.org
[mailto:openafs-devel-admin@openafs.org]On Behalf Of Rong,Yongjun(CS)
Sent: Thursday, June 10, 2004 5:02 PM
To: Rong,Yongjun(CS); openafs-devel@openafs.org
Subject: RE: [OpenAFS-devel] pam_gssklog on solaris9
I have got pam_sm_setcred called by PAM framework after I changed my
pam.conf as below:
dtlogin auth requisite pam_authtok_get.so.1 debug
#dtlogin auth required pam_dhkeys.so.1 debug
#dtlogin auth sufficient pam_unix_auth.so.1 debug use_first_pass
dtlogin auth required pam_krb5.so debug forwardable realmm=TTU.EDU
use_first_pass
dtlogin auth required pam_gssklog.so.1 debug
-----Original Message-----
From: openafs-devel-admin@openafs.org
[mailto:openafs-devel-admin@openafs.org]On Behalf Of Rong,Yongjun(CS)
Sent: Thursday, June 10, 2004 3:51 PM
To: openafs-devel@openafs.org
Subject: [OpenAFS-devel] pam_gssklog on solaris9
Hi, All,
I have another problem for the pam_gssklog. It seems the pam_sm_setcred
cannot be called during the process of login. My pam.conf for dtlogin is as
below:
dtlogin auth requisite pam_authtok_get.so.1 debug
dtlogin auth required pam_dhkeys.so.1 debug
dtlogin auth sufficient pam_unix_auth.so.1 debug use_first_pass
dtlogin auth optional pam_krb5.so debug forwardable realmm=TTU.EDU
use_first_pass
dtlogin auth optional pam_gssklog.so.1 debug
pam_kr5b.so is work fine. After the user login, I can klist the tickets. But
the pam_gssklog is not work well. From the debug information, the
pam_sm_setcred is not be called.
Any suggestions, Thanks in advanced.
Rong
_______________________________________________
OpenAFS-devel mailing list
OpenAFS-devel@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-devel
_______________________________________________
OpenAFS-devel mailing list
OpenAFS-devel@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-devel
_______________________________________________
OpenAFS-devel mailing list
OpenAFS-devel@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-devel