[OpenAFS] loging into afs: ssh vs gdm
Douglas E. Engert
Mon, 31 Oct 2005 12:56:53 -0600
Ron Croonenberg wrote:
> Hi Frank,
>>Just a guess: Maybe you should have a look @ the last lines of
>>~cowboy/.xession-errors . I once had a problem that looked like
>>yours. I blamed AFS/Kerberos/NSA but is was just a syntax error in
>>/etc/X11/XSession.d/somefile which prevented the session itself from
Sounds like gdm and X11 are trying to access your home directory
before having a token.
If your pam_krb5 has a force_cred and/or force_token option, you may
want to use it to get the tickets and token early during the auth,
rather then session or store creds parts of PAM.
As a test, change the acls on the home directory to allow access
without a token from the test machine.
> hmm.. I don't seem to have .xsession-errors.
> Another thing. ~cowboy is on afs. and I can start gdm sessions from
> other machines with an afs client.
> and... on this machine a gdm login with root works.
The root home is not in AFS, so you don't need the token early.
> OpenAFS-info mailing list
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439