[OpenAFS] Loosing tokens...
Frank Burkhardt
fbo2@gmx.net
Mon, 4 Apr 2005 15:48:55 +0200
Hi,
On Mon, Apr 04, 2005 at 01:39:33PM +0200, Cajus Pollmeier wrote:
> Hi!
>
> I've a strange problem here while working localy on the machine named "lama".
> Everytime when a friend logs in (via SSH), I'm loosing my token (ID 1011) and
> get his token (ID 1006) instead. I've gained permissions to his data in this
> case, while I've lost access to my own stuff. For this case I left a shell
> open which is just used to enter an "aklog" again:
What does the 'id -G' command show in
1. your session?
2. your friend's ssh-session?
_Maybe_ you restarted/started your ssh-server in your own PAG.
Example:
<wrong>
cajus@lama:~$ su
password:
root@lama:~# /etc/init.d/ssh stop
root@lama:~# /etc/init.d/ssh start
root@lama:~# exit
root@lama:~$
</wrong>
The ssh-deamon inherits your PAG (process authentication group). It can be
avoided by using 'unpagsh' before running the ssh-daemon:
<correct>
cajus@lama:~$ su
password:
root@lama:~# unpagsh
root@lama:~# /etc/init.d/ssh stop
root@lama:~# /etc/init.d/ssh start
root@lama:~# exit
root@lama:~$
</correct>
hth
Regards,
Frank