[OpenAFS] MIT krb5 utilities don't acquire afs tokens
ph rhole oper
slitbit@fastmail.fm
Sat, 08 Oct 2005 15:20:30 +0300
On Fri, 07 Oct 2005 12:10:48 -0400, "Derek Atkins" <warlord@MIT.EDU>
said:
> Please make sure you CC the list on all replies.. I'm not the only
> one who can help you!
sure, im sorry :)
>
> "ph rhole oper" <slitbit@fastmail.fm> writes:
>
> > Why use pam if the 2.0 kit does the job?
>
> The 2.0 kit requires you to run "aklog" by hand. I thought you
> wanted to automate the process.
>
> > So, it seems like im the only one facing this specific problem, and i
> > should myself write the patches.Sounds strange since
> > MIT krb5 & OpenAFS looks like a popular choice.or has everybody moved
> > to heimdal?!
>
> Um, no, you're not the only one. There are lots of options out
> there. Go read the archives for other people's solutions. A lot
> depends on your server OS and which pam module(s) you use or have
> available.
>
> -derek
> --
> Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
> Member, MIT Student Information Processing Board (SIPB)
> URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
> warlord@MIT.EDU PGP key available
well, i've allready tampered with appl/bsd/{login.c,krshd.c} , making it
acquire afstokens automatically upon login, or forwarding of user
credentials.It seems to work, except i don't take care of unlog-ing
after end of krshd sessions.
This covers up login.krb5, rsh, rcp, rlogin, etc..
Now i'm gonna take a look at telnetd source
I'd like not to use pam in any case, and that's why im doing all these
now..
--
http://www.fastmail.fm - Choose from over 50 domains or use your own