[OpenAFS] Help with Openafs, PAM and SASL

Franco Milicchio senseiwa@mac.com
Fri, 15 Aug 2008 08:50:34 +0200


--Apple-Mail-314--42334320
Content-Type: text/plain;
	charset=US-ASCII;
	format=flowed;
	delsp=yes
Content-Transfer-Encoding: 7bit


On Aug 12, 2008, at 10:25pm, Juliyana Rayamajhi Regmi wrote:

> Hi,
> I installed openafs client on RHEL 5. It seems its working correctly  
> as I can login with "klog test" and I am able to see /afs being  
> mounted. But my dilema is to make is work with PAM and SASL2. Since  
> I could not pam_linux_afs module anywhere, I tried to configure and  
> use pam_afs_so module that comes along with Redhat. I use  
> testsaslauth to test thru SASL. But I am not sure if there are any  
> ways for me to test for openafs.
> Here are how my config files look like:
>
> #cacheinfo
> /afs:/usr/vice/cache:100000
> ThisCEll and CellSErverDb both are configured too.
>
> #/etc/sysconfig/openafs
> AFS_CLIENT=on
> AFS_SERVER=off
>
> #/etc/sysconfig/saslauthd
> SOCKETDIR=/var/run/saslauthd
> MECH=pam
>
> #/etc/pam.d/smtp
> #%PAM-1.0
> auth       include     system-auth
> auth       required     /lib/security/pam_afs.so
> account    required     /lib/security/pam_afs.so
>
> Any help will be greatly appreciated.


So you are asking SASL to use PAM to authenticate over a kaserver,  
using the "smtp" name, am I right?

First the obvious question: is saslauthd running?

Then, can you post the configuration of Postfix (or any othe SMTP  
daemon you're using) along with your tests? (testsaslauth command line  
and output, and your logs, maybe adding "debug" to your PAM modules).

Cheers!

-- 
Franco Milicchio <senseiwa@mac.com>

43rd Law of Computing: Anything that can go wr

fortune: Segmentation violation
Core dumped




--Apple-Mail-314--42334320
Content-Disposition: attachment;
	filename=smime.p7s
Content-Type: application/pkcs7-signature;
	name=smime.p7s
Content-Transfer-Encoding: base64

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGITCCAtow
ggJDoAMCAQICEEz+Y9F/rca7N/SKFb18rYowDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UEBhMCWkEx
JTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQ
ZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA4MDIyODA4NTgzMVoXDTA5MDIyNzA4NTgz
MVowQjEfMB0GA1UEAxMWVGhhd3RlIEZyZWVtYWlsIE1lbWJlcjEfMB0GCSqGSIb3DQEJARYQc2Vu
c2Vpd2FAbWFjLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOd2dYQhwIPSO0ug
dAC57eXKdoev/Rmym5+h4BstfBvUiVd2yIHtFYkXbCdrYBoFhQTYmCUSWpj6/EdsgEoWzC3dwEKu
bOkiixWZAqjdfL0Zf0TSA1NlYxPQHJcfyh3wKq1mzFsngSvaO4kTT0kNjYvgnQ2seyi7kGziYebr
29kmCGVT8OFSSIaoRws61T/A4nutNnoUV/qVXRc4Ll3LCsy+GVMcUggAoDWeLTqKYqc7Zvmt2swM
o2lRcH0IyUX2EVeAcQcWhev+NNrPEfjQszmzn4yZIiaUlVFKBQRAFSt9OOXI/NaN6G07xp4bHV1B
vFUoDGbzL49bHeh3+qhLpyUCAwEAAaMtMCswGwYDVR0RBBQwEoEQc2Vuc2Vpd2FAbWFjLmNvbTAM
BgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBQUAA4GBAH39aDyoeAVqe79x1s1HC8GRf8KS6xRVvjhc
ZvUoeevqmYFPBQfuT1bHa6edE5JfrRC6fpvP8ffWWbXqEnk99cSjISOnHHUJl7FQf0RvQTLACJKh
Hr0928Tyap4IKNaxewuyNDicp7CSU9yR2V/FGoQU2v/zx8EyAA0h9ibzWSNAMIIDPzCCAqigAwIB
AgIBDTANBgkqhkiG9w0BAQUFADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2Fw
ZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UE
CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNv
bmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUu
Y29tMB4XDTAzMDcxNzAwMDAwMFoXDTEzMDcxNjIzNTk1OVowYjELMAkGA1UEBhMCWkExJTAjBgNV
BAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25h
bCBGcmVlbWFpbCBJc3N1aW5nIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEpjxVc1X7
TrnKmVoeaMB1BHCd3+n/ox7svc31W/Iadr1/DDph8r9RzgHU5VAKMNcCY1osiRVwjt3J8CuFWqo/
cVbLrzwLB+fxH5E2JCoTzyvV84J3PQO+K/67GD4Hv0CAAmTXp6a7n2XRxSpUhQ9IBH+nttE8YQRA
HmQZcmC3+wIDAQABo4GUMIGRMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0fBDwwOjA4oDagNIYy
aHR0cDovL2NybC50aGF3dGUuY29tL1RoYXd0ZVBlcnNvbmFsRnJlZW1haWxDQS5jcmwwCwYDVR0P
BAQDAgEGMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFQcml2YXRlTGFiZWwyLTEzODANBgkqhkiG
9w0BAQUFAAOBgQBIjNFQg+oLLswNo2asZw9/r6y+whehQ5aUnX9MIbj4Nh+qLZ82L8D0HFAgk3A8
/a3hYWLD2ToZfoSxmRsAxRoLgnSeJVCUYsfbJ3FXJY3dqZw5jowgT2Vfldr394fWxghOrvbqNOUQ
Gls1TXfjViF4gtwhGTXeJLHTHUb/XV9lTzGCAxAwggMMAgEBMHYwYjELMAkGA1UEBhMCWkExJTAj
BgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJz
b25hbCBGcmVlbWFpbCBJc3N1aW5nIENBAhBM/mPRf63Guzf0ihW9fK2KMAkGBSsOAwIaBQCgggFv
MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA4MDgxNTA2NTAzNFow
IwYJKoZIhvcNAQkEMRYEFPkIOd0+523K1+SycNmnugGG7LSmMIGFBgkrBgEEAYI3EAQxeDB2MGIx
CzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYD
VQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQTP5j0X+txrs39IoVvXyt
ijCBhwYLKoZIhvcNAQkQAgsxeKB2MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29u
c3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNz
dWluZyBDQQIQTP5j0X+txrs39IoVvXytijANBgkqhkiG9w0BAQEFAASCAQAZ4kfYRZpIOlg5Wx/d
fpPE2IQBsfcCzNFZBTE0OQkqUJ0tiIoy15q5RpB3bohzSsydbEn6hcA1e/9rrg2eKbaakgqDsjVn
bCyOTdmG9plJJ19utnviwBYDKwKvMI+fjnPSjkMHlkdVNhb3Rd67rA4lOlwFYvd0YbK+dpfccdNJ
es5YJQbu1AP/HkWNRNfhFoTamf3lPX/LCpWpgpnAGPdBZjpBnAtsrXIrZRXu2k5xJpkeAA95rEZ9
4MV1nZPVpQPWHh0Ald+rQ6Qo5MfLieYTkhZusGOTXzv3wZ3oE8H5TFJ1hZJM3hmA3tMQjRq8UrvY
eEr3L5PdyLXaj06q2qCYAAAAAAAA

--Apple-Mail-314--42334320--