[OpenAFS] Problem with pam on debian with 1.3.81 kernel 2.6.11
Simon Lyngshede
simon-sunsite@s-et.aau.dk
Thu, 14 Apr 2005 16:20:05 +0200
> But limited time today, so tomorrow I'll test ticketforwarding and
> login with ssh keys.
I would really love to hear about this if you get it to work
correctly.
> Oh, one more question: PAM is really a mess for me. How to change
> the kscreensaver to work with kerberos? I think it will be very
> annoying if the user locks the screen and can't unlock it...
>
I think that should work much like packages such as sudo, on Debian, I
haven't tried it, but I'll bet that there is a configuration file for
it in /etc/pam.d/, (kscreensaver?), if so simply adding:
auth sufficient pam_krb5.so
account sufficient pam_krb5.so
session optional pam_krb5.so
session optional pam_openafs_session.so
should work, or better yet, just include the common-* files, like so:
@include common-auth
@include common-session
@include common-account
common-auth might even be sufficient, unless people leave their
computer long enough for their afs token to expire.
--
Simon
I dont know what your problem is, but I'll bet its hard to pronounce.