[OpenAFS] gssklog pam_gssklog on solaris 8
Douglas E. Engert
deengert@anl.gov
Fri, 05 Sep 2003 09:00:47 -0500
It is trying the first gssapi mech in the /etc/gss/mech,
which is the DH mech. It is not even looking at the Kerberos
mech. See the message "mech_dh: Success" which is printed by the
gss_display_status for a minor code of 0.
As a test, can you try this on one machine.
edit the /etc/gss/mech file, and put the kerberos_v5 method
first.
I will look at ways to add this to the gssklog code to try
the other mechs.
Chris McClimans wrote:
>
> Anyone had luck getting gssklog / pam_gssklog to work on solaris 8
> using the native krb5/gss implementation?
> My build is having trouble finding the ticket/credentials cache. I'll
> poke around more closely tomorrow.
> -chris
>
> # uname -a
> SunOS olive 5.8 Generic_108528-13 sun4u sparc SUNW,Sun-Blade-100
>
> # ldd ./gssklog
> libgss.so.1 => /usr/lib/libgss.so.1
> libresolv.so.2 => /usr/lib/libresolv.so.2
> libsocket.so.1 => /usr/lib/libsocket.so.1
> libnsl.so.1 => /usr/lib/libnsl.so.1
> libc.so.1 => /usr/lib/libc.so.1
> libdl.so.1 => /usr/lib/libdl.so.1
> libxfn.so.2 => /usr/lib/libxfn.so.2
> libmp.so.2 => /usr/lib/libmp.so.2
> /usr/platform/SUNW,Sun-Blade-100/lib/libc_psr.so.1
>
> # klist
> Ticket cache: /tmp/krb5cc_0
> Default principal: mccliman@CS.TTU.EDU
>
> Valid starting Expires
> Service principal
> Thu Sep 04 22:18:18 2003 Fri Sep 05 08:18:18 2003
> krbtgt/CS.TTU.EDU@CS.TTU.EDU
>
> # ./gssklog
> GSS-error Unable to get user credentials: major:00070000 minor:00000000
> No credentials were supplied, or the credentials were unavailable or
> inaccessible
> mech_dh: Success
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444