[OpenAFS] screen loses tokens - Solaris 10

Kevin Hildebrand kevin@umd.edu
Mon, 15 Aug 2011 15:34:47 -0400 (EDT)


We had problems with tokens disappearing until I added:

         pam = {
                 retain_after_close = true
         }

         pam-afs-session = {
                 retain_after_close = true
         }

to /etc/krb5.conf.

Kevin


On Mon, 15 Aug 2011, Jeff Blaine wrote:

> How might I go about debugging this?  This happens
> on a host with Generic_142900-03 but not on a host
> with Generic_144488-17 (nor ever on this latter host
> at any patch rev -- I have been using/resuming screen
> on it for years).
>
> 1. Connect to host with PuTTY
> 2. Confirm krb5 creds and tokens gotten from PAM
> 3. Start screen
> 4. Confirm krb5 creds and tokens in screen shell
> 5. Close PuTTY, "Yes, disconnect"
> 6. Connect to host with PuTTY
> 7. Confirm krb5 creds and tokens gotten from PAM
> 8. Resume screen session
> 9. Tokens and krb5 creds in screen shell are gone
>
> Common
> ------
> OpenAFS 1.4.14
> MIT Kerberos 1.6.3
> Screen 4.00.02
> sshd_config
> pam.conf
> pam_afs_session
> pam_krb5RA (Russ Alberry's)
> No kdestroy in shell dot files
>
> Different
> ---------
> SunOS faron.our.org 5.10 Generic_142900-03 sun4u sparc SUNW,Sun-Fire-V490
>
> SunOS cairo.our.org 5.10 Generic_144488-17 sun4u sparc SUNW,Sun-Fire-280R
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>