[OpenAFS] home on afs woes

Juha Jäykkä juhaj@iki.fi
Thu, 12 Jan 2006 00:08:50 +0200

Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable

> about AFS, or PAGs. But some do, so look for a pam_krb5afs.so

I think that pam_krb5afs.so no longer exists, at least the README of
RedHat's pam_krb5.so says

This is a major rewrite of pam_krb5afs.  Call it 2.0, for lack of a better =

o Compared to the earlier releases, this tree builds a single module which
  "knows" how to do everything which is knowable at compile-time.

RedHat's pam_krb5.so *was* the source of pam_krb5afs.so - one source
anyway, the only one I am aware of. But it looks like it cannot do the
PAG's right. Has it ever done so?

> Yes, pam_afs2 can be called after a pam_krb5 to get a PAG, and fork/exec
> a aklog, ak5log, afslogin or gssklog to get the tokens.
> See ftp://achilles.ctd.anl.gov/pub/DEE/pam_afs2-0.1.tar

It has been very helpful in debugging since it can even exec a shell
script. I used that a lot to find out what's going wrong.


		| Juha J=E4ykk=E4, juolja@utu.fi			|
		| home: http://www.utu.fi/~juolja/		|

Content-Type: application/pgp-signature

Version: GnuPG v1.4.2 (GNU/Linux)