[OpenAFS] loging into afs: ssh vs gdm
Ron Croonenberg
ronc@depauw.edu
Mon, 31 Oct 2005 15:16:32 -0500
Hi Douglas,
no that is an afs account too.
>>> "Douglas E. Engert" <deengert@anl.gov> 10/31/05 3:00 PM >>>
What is:
Oct 31 14:07:33 oort kernel: reop_import_path: no such path:
/afs/csc.depauw.edu/home/jeepdude
So it looks like it is still trying to lookin AFS, even though
you said it was a local account.
Ron Croonenberg wrote:
> Hi Douglas,
>
>
>>Sounds like gdm and X11 are trying to access your home directory
>>before having a token.
>
>
> hmmm.. I see what you mean one thing though on other machines
> (afs-clients) I don't seem to have that problem.
>
>
>>If your pam_krb5 has a force_cred and/or force_token option, you >may
>
> want to use it to get the tickets and token early during the auth,
>
>>rather then session or store creds parts of PAM.
>
>
> ok.. but I don't use pam_krb5 in pam.
>
>
>>As a test, change the acls on the home directory to allow access
>>without a token from the test machine.
>
>
> that's an idea, let me check that RIGHT now...
>
> (tried a junk account) same things happens...but look at this:
>
>
> Oct 31 14:06:43 oort gdm(pam_unix)[67778]: session opened for user
> jeepdude by (uid=0)
> Oct 31 14:06:43 oort gdm[67778]: gdm_slave_session_start:
/home/jeepdude
> is writable by group.
> Oct 31 14:06:43 oort gdm[67778]: gdm_auth_user_add: /home/jeepdude is
> writable by group.
> Oct 31 14:06:43 oort gdm[67778]: gdm_auth_user_add: Could not open
> cookie file /tmp/.gdm9W5qvG
> Oct 31 14:06:43 oort gdm[67778]: Tried wiping some old user session
> errors files to make disk space and will try adding user auth files
> again
> Oct 31 14:06:43 oort gdm[67778]: gdm_auth_user_add: /home/jeepdude is
> writable by group.
> Oct 31 14:06:43 oort gdm[67778]: gdm_auth_user_add: Could not open
> cookie file /tmp/.gdm5jAtPM
> Oct 31 14:06:53 oort gdm(pam_unix)[67778]: session closed for user
> jeepdude
> Oct 31 14:07:33 oort kernel: reop_import_path: no such path:
> /afs/csc.depauw.edu/home/jeepdude
>
>
>
>>and... on this machine a gdm login with root works.
>>The root home is not in AFS, so you don't need the token early.
>
>
> I know, but gdm works with "local" accounts.. I meant to say it is
not
> the case that gdm doesn't work at all.
Thats what I meant too, it worked on a local acocunt, but not if the
home was in AFS. So what is /afs/csc.depauw.edu/home/jeepdude?
>
> thanks,
>
> Ron
>
>
--
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info