[OpenAFS] Probleme with aklog

El Barto elbarto@epitech.net
Mon, 19 Feb 2007 11:31:42 +0100 

 Hello,

 I'm getting troubles to access my afs folders after loggin with
pam_openafs_session.so (with using aklog).
 I'm running Debian Etch with custom kernel 2.6.18
and openafs 1.4.2-4.

 When I use kinit, I get the correct kerberos and afs tickets and
tokens :

vadot_e@test-linux:~$ kinit 
vadot_e@EPITECH.NET's Password: 
vadot_e@test-linux:~$ klist 
Credentials cache: FILE:/tmp/krb5cc_38257
        Principal: vadot_e@EPITECH.NET

  Issued           Expires          Principal
Feb 19 11:25:28  Feb 19 22:25:47  krbtgt/EPITECH.NET@EPITECH.NET
Feb 19 11:25:28  Feb 19 22:25:47  afs@EPITECH.NET
vadot_e@test-linux:~$ tokens 

Tokens held by the Cache Manager:

User's (AFS ID 38257) tokens for afs@EPITECH.NET [Expires Feb 19 22:49]
   --End of list--
vadot_e@test-linux:~$ 

 When I log with ssh, I do not obtain afs tokens but I do obtain
kerberos tickets, and if I type aklog I obtain wrong afs tokens and I
got a Permission denied on my folders :

elbarto@arcadia> ssh vadot_e@10.242.42.93
vadot_e@10.242.42.93's password: 
Linux linux-pourri 2.6.18-3-686 #1 SMP Mon Dec 4 16:41:14 UTC 2006 i686

The programs included with the Debian GNU/Linux system are free
software; the exact distribution terms for each program are described
in the individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Mon Feb 19 12:22:37 2007 from arcadia.staff.epita.fr
vadot_e@test-linux:~$ klist 
Credentials cache: FILE:/tmp/krb5cc_38257
        Principal: vadot_e@EPITECH.NET

  Issued           Expires          Principal
Feb 19 11:25:28  Feb 19 22:25:47  krbtgt/EPITECH.NET@EPITECH.NET
Feb 19 11:25:28  Feb 19 22:25:47  afs@EPITECH.NET
vadot_e@test-linux:~$ tokens 

Tokens held by the Cache Manager:

   --End of list--
vadot_e@test-linux:~$ aklog 
vadot_e@test-linux:~$ tokens 

Tokens held by the Cache Manager:

User's (AFS ID 38257) tokens for afs@epitech.net [Expires Feb 19 22:25]
   --End of list--
vadot_e@test-linux:~$ ls -l /afs/epitech.net/users/ept4/vadot_e/
ls: /afs/epitech.net/users/ept4/vadot_e/: Permission denied
vadot_e@test-linux:~$ 

 When I log on physical on the computer it do the same than ssh except
I automatically got afs tokens without typing aklog. There is a
problem for the ssh login but my question is not there.

 Why do I got tokens @epitech.net with aklog and @EPITECH.NET (which
works) with kinit ? Do I got something wrong in my openafs
configuration ?

 Many thanks and sorry for the long post.

-- 
Emmanuel Vadot          System & Network Administrator [root & bocal]
elbarto@epitech.net     14-16 rue Voltaire 94270 Le Kremlin-Bicetre
01 44 08 01 91          06 83 14 62 92