[OpenAFS] pam_openafs_session.so

Michael Lasevich openafslist@lasevich.net
Tue, 21 May 2002 16:19:33 -0700 

Ok, I think I found the problem. I added the follwing line right before
execution of aklog:

fprintf(stderr,"ENV= %s\n", envi[0]);

what I get from it is:
ENV= KRB5CCNAME=(null)

which I take to mean that the file cache has not been written out yet OR
there is something wrong with how it reads the file cache name.

Anyone know exactly when does pam_krb5/pam_krb5afs write out  the cache to a
file and how to get the filename?

-Michael



----- Original Message -----
From: "Michael Lasevich" <openafslist@lasevich.net>
To: "OpenAFS Info List" <openafs-info@openafs.org>
Sent: Tuesday, May 21, 2002 3:59 PM
Subject: Re: [OpenAFS] Off-topic, anyone tried this?


> here is a complete log of a session:
> using openssh from a windows client
> ------------------------
> C:\>ssh michael@afsserver.afscell
> michael@afsserver.afscell's password:
> Could not chdir to home directory /afs/afscell/u/michael: Permission
denied
>
> Authenticating to cell afscell (server afsserver.afscell).
> We've deduced that we need to authenticate to realm REALM.
> Getting tickets: afs/afscell@REALM
> Kerberos error code returned by get_cred: 22
> aklog: Couldn't get afscell AFS tickets:
> aklog: Invalid argument while getting AFS tickets
> Last login: Tue May 21 15:44:13 from winclient.REALM
> No directory /afs/sf.zowi.com/u/michael!
> Logging in with home = "/".
> bash: /afs/afscell/u/michael/.bash_profile: Permission denied
> bash-2.05$ klist
> Ticket cache: FILE:/tmp/krb5cc_2006_seqe1T
> Default principal: michael@REALM
> Valid starting     Expires            Service principal
> 05/21/02 15:49:38  05/22/02 01:49:40  krbtgt/REALM@REALM
>         renew until 05/22/02 15:49:38
>
>
> Kerberos 4 ticket cache: /tmp/tkt2006
> klist: You have no tickets cached
> bash-2.05$ aklog -d
> Authenticating to cell afscell (server afsserver.afscell).
> We've deduced that we need to authenticate to realm REALM.
> Getting tickets: afs/afscell@REALM
> About to resolve name michael to id in cell afscell.
> Id 2006
> Set username to AFS ID 2006
> Setting tokens. AFS ID 2006 /  @ REALM
> bash-2.05$ klist
> Ticket cache: FILE:/tmp/krb5cc_2006_seqe1T
> Default principal: michael@REALM
> Valid starting     Expires            Service principal
> 05/21/02 15:49:38  05/22/02 01:49:40  krbtgt/REALM@REALM        renew
until
> 05/22/02 15:49:38
> 05/21/02 15:50:20  05/22/02 01:49:40  afs/afscell@REALM
>         renew until 05/22/02 15:49:38
>
>
> Kerberos 4 ticket cache: /tmp/tkt2006
> klist: You have no tickets cached
> bash-2.05$ tokens
>
> Tokens held by the Cache Manager:
>
> User's (AFS ID 2006) tokens for afs@afscell [Expires May 22 01:49]
>    --End of list--
> bash-2.05$
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>