[OpenAFS] Off-topic, anyone tried this?
Michael Lasevich
openafslist@lasevich.net
Tue, 21 May 2002 15:38:37 -0700
I checked path, it was fine. I did not think this was an issue because I was
already getting errors from aklog, so it was running.
I added -d flag to be passed to aklog and got this output:
(afscell is the name of the cell, afsserver is the name of the server and
REALM is AD Realm name. (These are not the actual values, I replaced them.))
-----------------------------------
Authenticating to cell afscell (server afsserver.afscell).
We've deduced that we need to authenticate to realm REALM.
Getting tickets: afs/afscell@REALM
Kerberos error code returned by get_cred: 22
aklog: Couldn't get afscell AFS tickets:
aklog: Invalid argument while getting AFS tickets
----------------------------
I am suspecting it is something
> Make sure that you have changed the path in the pam_openafs_session.c to
the
> correct one for aklog.
>
> Also see my previous mail about the ordering.
Order is correct, but just in case, here is the "system-auth" file (extra
set of eyes alwasy helps)
BTW, does anyone know which module sets the home dir? I get homedir not
found BEFORE aklog runs, thus even if it does work, I'll have a problem with
home dirs.
---------------------------
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth required /lib/security/pam_env.so
auth sufficient /lib/security/pam_unix.so likeauth nullok
auth sufficient /lib/security/pam_krb5afs.so use_first_pass tokens
debug
auth required /lib/security/pam_deny.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3 type=
password sufficient /lib/security/pam_unix.so nullok use_authtok md5
shadow nis
password sufficient /lib/security/pam_krb5afs.so use_authtok debug
password required /lib/security/pam_deny.so
session required /lib/security/pam_limits.so
session required /lib/security/pam_unix.so
session optional /lib/security/pam_krb5afs.so debug
session optional /lib/security/pam_openafs_session.so debug
--------------------------------------
Thank you.
-Michael