Douglas E Engert <deengert@anl.gov> writes: > OK, so it looks like a no problem with the pam_openafs_session.so > deleting the token. > What is really needed is a pam_* that just gets a PAG. pam-afs-session does this when there is no Kerberos ticket. -- Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>