[OpenAFS] uw-imap & tokens
Wed, 04 Apr 2007 18:07:46 +0100
Miles Davis <miles@CS.Stanford.EDU> wrote:
> Let me step back too, in case I'm on the wrong path. My symptom is
> that tokens are disappearing out from under users after a few minutes
> in a session. They're not expiring. Running "keyctl show" after ssh
> login shows that my keying is uid 0, but I don't know why.
Can you run "keyctl show" immediately after you log in?
> Session Keyring
> -3 --alswrv 0 0 keyring: _uid_ses.0
> 2 --alswrv 0 0 \_ keyring: _uid.0
> 29391168 ----s--v 0 0 \_ afs_pag: _pag
Can you try "grep -r keyinit /etc/pam.d/"? Do you see pam_keyinit.so
How's the afs_pag key getting allocated? Is it by a PAM module?
> Something does show up under my uid in /proc/key-users:
> 9766: 2 2/2 2/100 60/10000
That'll be the uid-specific (_uid.9766) and uid-specific-session
(_uid_ses.9766) keyrings. If you do "cat /proc/keys" you should see them.