[OpenAFS-devel] Integrated Login on AIX 5.3
Christopher D. Clausen
cclausen@acm.org
Sat, 18 Feb 2006 21:03:43 -0600
Jay Compton <jayc@us.ibm.com> wrote:
> Hello,
>
> I am currently running the latest stable build of OpenAFS (1.4.0) on
> AIX
> 5.3, maintenance level 3. The afsd daemon starts up and runs fine,
> but I can't get integrated login working. I have setup the
> /etc/security files as the documentation suggests to no avail thus
> far. I was wondering if anyone had successfully setup logins using
> AIX's default authentication grammar or through PAM, which I am
> trying to look into as well.
I tried to get this working on AIX 5.1 a couple years ago and basically
gave up. But, AIX 5.1 doesn't have PAM support and thus I didn't
attempt that option yet.
If you are using Kerberos, it might be possible to use Kerberos tickets
and simply run aklog or klog out of the default profile files. Or,
maybe use a pam_run module to just exec aklog (assuming you can do that
in the correct user PAG.)
Do you need it to work for SSH connections only? B/c you might be
better off trying to get SSH to use the GetAFSToken option instead of
messing with LAM.
<<CDC
--
Christopher D. Clausen
ACM@UIUC SysAdmin