[OpenAFS] home on afs woes
Juha Jäykkä
juhaj@iki.fi
Thu, 12 Jan 2006 00:08:50 +0200
--Signature_Thu__12_Jan_2006_00_08_50_+0200_mM0I3ACGEnIVrG5Q
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable
> about AFS, or PAGs. But some do, so look for a pam_krb5afs.so
I think that pam_krb5afs.so no longer exists, at least the README of
RedHat's pam_krb5.so says
This is a major rewrite of pam_krb5afs. Call it 2.0, for lack of a better =
term.
o Compared to the earlier releases, this tree builds a single module which
"knows" how to do everything which is knowable at compile-time.
RedHat's pam_krb5.so *was* the source of pam_krb5afs.so - one source
anyway, the only one I am aware of. But it looks like it cannot do the
PAG's right. Has it ever done so?
> Yes, pam_afs2 can be called after a pam_krb5 to get a PAG, and fork/exec
> a aklog, ak5log, afslogin or gssklog to get the tokens.
> See ftp://achilles.ctd.anl.gov/pub/DEE/pam_afs2-0.1.tar
It has been very helpful in debugging since it can even exec a shell
script. I used that a lot to find out what's going wrong.
Cheers,
Juha
--=20
-----------------------------------------------
| Juha J=E4ykk=E4, juolja@utu.fi |
| home: http://www.utu.fi/~juolja/ |
-----------------------------------------------
--Signature_Thu__12_Jan_2006_00_08_50_+0200_mM0I3ACGEnIVrG5Q
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDxYHySqzK5nsyX0kRAp7AAKDL/ogwNNoSZBlIPWrKQ1WuS95URgCg6/il
VJkyd+2trA1IdM9tSDATkvA=
=IJej
-----END PGP SIGNATURE-----
--Signature_Thu__12_Jan_2006_00_08_50_+0200_mM0I3ACGEnIVrG5Q--