[OpenAFS] trouble with pam_krb5

Russ Allbery rra@stanford.edu
Wed, 13 Jul 2005 14:07:22 -0700

Kurt Seiffert <seiffert@indiana.edu> writes:

> I'm trying to use pam_krb5 with a RHEL AS v4 system. I am successfully
> authenticated and get logged in, but I do not get AFS tokens or even
> have K5 tickets in the cache. It's like the module is successfully
> authenticating against the KDC, but is unable to store the K5
> tickets. I'm logging in through ssh. I can kinit and aklog to get
> tokens.

Yup.  I banged on this for hours and was completely unable to find a
solution.  It appears to be specific to RHEL 4; I haven't seen the problem
with RHEL 3.  When turning up debugging, it was looking like the password
was no longer available from PAM at the point at which the module was
called to reinitialize credentials, but there seemed to be various other
problems going on too.

I'm very mystified by this problem.  I assume it must work for *someone*
or Red Hat wouldn't ship pam_krb5 with RHEL 4, but I completely failed to
get it to work.

Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>