[OpenAFS] Solaris 10 (x86): pam_afs_session
Douglas E. Engert
Fri, 22 Feb 2008 16:37:14 -0600
Russ Allbery wrote:
> John Tang Boyland <firstname.lastname@example.org> writes:
>> Now, I notice in the debug log that pam_afs_session gets run twice and
>> the second time decides it has already run and doesn't do anything.
>> This may be because on recommendation, I had added pam_afs_session to
>> the session stack:
>> other session required pam_unix_session.so.1
>> other session required pam_afs_session.so always_aklog
>> OK. So I remove the pam_afs_session line from the session stack.
>> Eureka! It works now.
>> I guess, when I applied the recommended fixes, one of them (perhaps
>> misunderstood by me) caused a problem that ended up having the same
>> symptoms as the original problem, so I assumed the fixes were useless.
>> (It may also be that in pam_afs_session 1.5 it no longer gives up if it
>> has already run. I'm still using pam_afs_session 1.4)
> That behavior is still the same. pam_afs_session doesn't set the note
> that it had already run unless your aklog program exits successfully. So,
> the next question is why aklog is exiting successfully even though it
> didn't get tokens.
Looks like it always returns 0!
OpenAFS 1.4.6 src/aklog/aklog.c has:
main(int argc, char *argv)
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439