[OpenAFS] Problem with pam on debian with 1.3.81 kernel 2.6.11

Thimo Neubauer thimo@macht.org
Thu, 14 Apr 2005 18:15:56 +0200


On Thu, Apr 14, 2005 at 05:31:27PM +0200, Ian Delahorne wrote:
> Thimo Neubauer wrote:
> >What's not useable about that? It correctly sets KRB5CCNAME which
> >aklog can then use. Each ssh login gets a seperate PAG anyway, so why
> >not have seperate KRB5CCs? This way, at least cleaning up the tokens
> >on logout is clearly defined.
> 
> Typically, I have a bunch of xterms ssh'd to our dev machine, along with 
> at least one "ssh -f host emacs". When all the tokens expire, I have to 
> run kauth in all windows. This is not the case with telnet -F.

Still "unusable" is a pretty strong term for this. Ok, in your case
it's inconvenient but not everybody is working like this. Especially
on an OpenAFS-list I'd expect most people to run their editors on
local machines but in a shared home ;-)

A pretty simple fix for your problem would be to open a single shell
on your dev machine and start all other processes from there. When
you're X-forwarding an emacs anyway running the xterm-processes on the
dev box won't really hurt.

Cheers
   Thimo