[OpenAFS] Getting tokens for non-interactive services
Charles Clancy
security@xauth.net
Sat, 1 Mar 2003 23:13:53 -0600 (CST)
On Sat, 1 Mar 2003, Frank Burkhardt wrote:
> On Wed, Feb 26, 2003 at 02:01:49PM -0600, Charles Clancy wrote:
>
> > Try removing the set_token from pam_openafs_session. Perhaps your krb5
> > module isn't creating the krb5 credential cache until setcred, and since
> > samba properly supports setcred, it should be fine.
>
> Samba won't grant afs-authenticated access neither with nor without
> set_token.
Can you turn up the Samba debug level (and the PAM debug level) to get
some relevent logs?
>
> > Does your configuration work for things like sshd or telnetd?
> Yes.
>
> SSHD successfully gets a token (as long as I don't use PK-Auth :-( ).
Compile in token passing. :-( --> :-)
[ t charles clancy ]--[ tclancy@uiuc.edu ]--[ www.uiuc.edu/~tclancy ]