[OpenAFS] tokens at login

Nalin Dahyabhai openafs-info@openafs.org
Thu, 7 Apr 2005 16:59:45 -0400


On Thu, Apr 07, 2005 at 11:41:59AM -0400, Dj Merrill wrote:
> 	However, I can issue the "afslog" command after login
> and it obtains an AFS token just fine with no errors.
> 
> 	In the logs I get:
> 
> Apr  7 11:14:08 galactica sshd[9019]: pam_krb5[9019]: got error -1 
> (Unknown code ____ 255) while obtaining tokens for mytest.dartmouth.edu
> 
> 	My /etc/pam.d/system-auth file on both machines looks like:
> 
> auth        required      /lib/security/$ISA/pam_env.so
> auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
> auth        sufficient    /lib/security/$ISA/pam_krb5afs.so  use_first_pass tokens

Can you add "debug" to the end of this line, configure /etc/syslog.conf
to save debug-level messages (for example by adding "*.* /var/log/debug"
somewhere near the top) and look for the messages which are logged
between "obtaining tokens for mytest.dartmouth.edu" and the error
message which you're already seeing?

You should see logs of what the module is attempting in more detail, and
that should shed some light on where it's gone wrong.

HTH,

Nalin