[OpenAFS] [1.3.86] heimdal/krb5 auth for BOS requests fails during initial cell setup
Tracy Di Marco White
Tracy Di Marco White <gendalia@gmail.com>
Thu, 4 Aug 2005 20:58:39 -0500
On 8/4/05, zeroguy <zeroguy@verizon.net> wrote:
> On Thu, 04 Aug 2005 07:40:35 +0200
> scorch <scorch@muse.net.nz> wrote:
> [...]
> > -- thanks :-) but I'm stuck after switching out of -noauth, despite
> > having seeming correct k5 tickets. My guess is that I need something
> > like aklog, or my krb configuration but I am lost for the obvious
> answer.
>=20
> You need to run aklog. There's not a whole lot else you need to know
> (it just grants you your afs token from your krb tickets). Just 'aklog',
> no arguments, immediately after you run a successful kinit. Unless I'm
> missing something and there's something special about your setup, that
> is all you are missing.
If he's using the instructions we wrote, he's likely using heimdal, and so
kinit will get tokens magically if he has "afslog =3D yes" in "[appdefaults=
]"
in his /etc/krb5.conf. (Sample krb5.conf on page 13, same instructions.)
I don't see appdefaults in his krb5.conf snippet, so I don't know if he has
that, but I don't see tokens in his klist, so probably not.
-Tracy