[OpenAFS] OpenAFS Client login via KDM

Lars Schimmer l.schimmer@cgv.tugraz.at
Fri, 30 May 2008 09:28:11 +0200


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ralf Hornik Mailings wrote:
> Hi all,
>=20
> are there any known issues regarding Gnome/KDE login Manager getting AF=
S
> tokens? I can login perfectly using ssh, or console, get AFS Toks and m=
y
> home.
> But using GDM/KDM it tells me "Can't update authorization file", or
> "Can't chdir /afs/.daheim/user/<user>: Permission denied"
>=20
> Seems  the KDM doesn't get (or use) tokens?
> Has someone solved this problem yes?

For us KDM does NOT work, GDM works, though.

We run grml 1.1/HD, which is just a debian lenny with some enhancement
scripts.
My pam looks like:
/etc/pam.d/common-account:
account         sufficient      pam_krb5.so

/etc/pam.d/common-auth:
auth       sufficient   pam_krb5.so
auth       required     pam_unix.so use_first_pass

/etc/pam.d/common-session:
session optional        pam_krb5.so
session optional        pam_openafs_session.so


Thats a quite simple setup but it let my users login via SSH and GDM and
get them tickets/tokens and they get into their home on AFS space.
Why KDM doesn't work, I can't tell.

> Best regards
>=20
> Ralf
>=20
>=20


MfG,
Lars Schimmer
- --
- -------------------------------------------------------------
TU Graz, Institut f=FCr ComputerGraphik & WissensVisualisierung
Tel: +43 316 873-5405       E-Mail: l.schimmer@cgv.tugraz.at
Fax: +43 316 873-5402       PGP-Key-ID: 0x4A9B1723
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIP6yKmWhuE0qbFyMRAot2AJ9baYXNHP/EGdm3grUnd9FPiVH0TgCeIKXY
YK4z9u4mxbOITIUCWSpNB3M=3D
=3DdsGb
-----END PGP SIGNATURE-----