[OpenAFS] aklog Lies OR Cache Manager Not Storing Tokens
Mon, 24 Nov 2008 17:03:22 -0500
On Mon, Nov 24, 2008 at 2:32 PM, Randy Kemp <firstname.lastname@example.org> wrote:
> I'm running openafs 1.4.7 client on Ubuntu Intrepid. It's running on a
> multi-user application server where all the users connect from thin
> clients via SSH sessions, in other words LTSP 5. I'm using
> pam_afs_session to get tokens at login. I'm having an intermittent
> problem where users will sometimes log in and not get an AFS token.
Sure, I bet the GUI login stuff is happening in a different session
and so you're setting tokens; the user (in a different session, or
perhaps with a different uid if you have a kernel which for some
reason meant PAGs got disabled) just can't have them.
I don't see how this means aklog lies or the cache manager is
discarding the tokens.
> Since it's trying to load a graphical session, the users in effect can't
> log in because their home directory can't be accessed. When this starts
> happening for users it tends to occur for almost all users. Users that
> are already logged in don't loose their tokes. Restarting the app.
> server will fix it but sometimes it just resolves itself after a while.
> If I have a user log in to a shell via SSH they can manually exec
> 'aklog' and then it will work fine, even if they log out and back in.
> Once it starts occurring, the users that are already logged in can
> typically log out and back in and get their token without a problem but
> if they exec 'unlog' before logging out the won't get a token when they
> attempt to log back in.
Sure. This sounds like no PAG, and when they aklog *their uid* as
opposed to the one running kdm or whatever gets the tokens. Try 1.4.8.