[OpenAFS] loging into afs: ssh vs gdm

Douglas E. Engert deengert@anl.gov
Mon, 31 Oct 2005 12:56:53 -0600


Ron Croonenberg wrote:
> Hi Frank,
> 
> 
>>Just a guess: Maybe you should have a look @ the last lines of
>>~cowboy/.xession-errors . I once had a problem that looked like
>>yours. I blamed AFS/Kerberos/NSA but is was just a syntax error in
>>/etc/X11/XSession.d/somefile which prevented the session itself from
>>starting.
> 
> 

Sounds like gdm and X11 are trying to access your home directory
before having a token.

If your pam_krb5 has a force_cred and/or force_token option, you may
want to use it to get the tickets and token early during the auth,
rather then session or store creds parts of PAM.

As a test, change the acls on the home directory to allow access
without a token from the test machine.


> hmm..   I don't seem to have .xsession-errors.
> Another thing.  ~cowboy is on afs.  and I can start gdm sessions from
> other machines with an afs client.
> 
> and...  on this machine a gdm login with root  works.

The root home is not in AFS, so you don't need the token early.
> 
> 
>>Regards,
>>
>>Frank
> 
> 
> thanks,
> 
> Ron
> 
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
> 
> 

-- 

  Douglas E. Engert  <DEEngert@anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444