[OpenAFS] ACL for single files
Rolandas Naujikas
rolnas@takas.lt
Thu, 16 Sep 2004 21:00:21 +0300
Hello
You can read about this on 'man sshd' -> LOGIN PROCESS.
For 7. you home dir must be "enterable" (have at least l in ACL for
system:anyuser).
Rolandas Naujikas
On Thu, Sep 16, 2004 at 05:55:40PM +0300, Rolandas Naujikas wrote:
> There are /etc/ssh/sshrc script, that is run after authentification, but
> before shell. You need setup xauth manualy in this file also. My setup is:
>
> ----------------------------------------------
> /usr/bin/aklog </dev/null >/dev/null 2>&1
>
> if read proto cookie && [ -n "$DISPLAY" ]; then
> if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
> # X11UseLocalhost=yes
> echo add unix:`echo $DISPLAY |
> cut -c11-` $proto $cookie
> else
> # X11UseLocalhost=no
> echo add $DISPLAY $proto $cookie
> fi | xauth -q -
> fi
> ----------------------------------------------
>
> Rolandas Naujikas
>
> On Wed, Sep 15, 2004 at 10:37:51PM -0400, Jim Rees wrote:
> > Ok, this is going on because you're running xauth before aklog, and it
> > can't write the XAUTHORITY file because your homedir isn't accessible.
> > This means your ONLY option is to get PAM working.
> >
> > No, another option is to put your .Xauthority elsewhere. That what I do,
> > and it works fine, although it requires the cooperation of your sshd.
> >
> > But you already have to hack sshd to remove the stupid path permission
> > checks.
> >
> > --__--__--