[OpenAFS] PAG lost after switching users on Slackware 13.1 box

Tom Mukunnemkeril torrent_tech@yahoo.com
Fri, 21 Jan 2011 03:49:15 -0800 (PST)


--0-1487644504-1295610555=:28322
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

Slackware does not include pam in its distribution.=A0 It isn't installed o=
n my system as far as I can tell.=A0=20

Some other system information, which I hadn't posted because I didn't think=
 it would be relevant.=A0 I'm using Kerberos 1.8.3 on Slackware 13.1 and Ke=
rberos 1.8 on the Slackware 13.0 boot.=A0 The machine is 32 bit x86.=A0=A0 =
My afs principal name is afs@BANDALEROS.NET instead of the recommended afs/=
bandaleros.net@BANDALEROS.NET.

Tom

--- On Fri, 1/21/11, Marc Dionne <marc.c.dionne@gmail.com> wrote:

From: Marc Dionne <marc.c.dionne@gmail.com>
Subject: Re: [OpenAFS] PAG lost after switching users on Slackware 13.1 box
To: "Tom Mukunnemkeril" <torrent_tech@yahoo.com>
Cc: openafs-info@openafs.org
Date: Friday, January 21, 2011, 3:05 AM

On Thu, Jan 20, 2011 at 9:17 PM, Tom Mukunnemkeril
<torrent_tech@yahoo.com> wrote:
>
> Hi all,
>
> For the past few months I've been debugging a problem where my webserver =
cannot access files in AFS, despite using pagsh and kstart when I start up =
apache.=A0 I had this working on Slackware 13.0 but have been unable to mak=
e this work on Slackware 13.1.
>
> So I did a simple test of just logging as root, running pagsh, getting ke=
rberos tickets and tokens and su to another user.=A0 As expected, in Slackw=
are 13.0 the tokens remained, in the Slackware 13.1, the tokens did not.

Has anything changed in the pam configuration?=A0 For instance a
pam_keyinit in the wrong spot can wipe the session keyring and result
in a lost PAG.

Marc
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
=0A=0A=0A      
--0-1487644504-1295610555=:28322
Content-Type: text/html; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

<table cellspacing=3D"0" cellpadding=3D"0" border=3D"0" ><tr><td valign=3D"=
top" style=3D"font: inherit;">Slackware does not include pam in its distrib=
ution.&nbsp; It isn't installed on my system as far as I can tell.&nbsp; <b=
r><br>Some other system information, which I hadn't posted because I didn't=
 think it would be relevant.&nbsp; I'm using Kerberos 1.8.3 on Slackware 13=
.1 and Kerberos 1.8 on the Slackware 13.0 boot.&nbsp; The machine is 32 bit=
 x86.&nbsp;&nbsp; My afs principal name is afs@BANDALEROS.NET instead of th=
e recommended afs/bandaleros.net@BANDALEROS.NET.<br><br>Tom<br><br>--- On <=
b>Fri, 1/21/11, Marc Dionne <i>&lt;marc.c.dionne@gmail.com&gt;</i></b> wrot=
e:<br><blockquote style=3D"border-left: 2px solid rgb(16, 16, 255); margin-=
left: 5px; padding-left: 5px;"><br>From: Marc Dionne &lt;marc.c.dionne@gmai=
l.com&gt;<br>Subject: Re: [OpenAFS] PAG lost after switching users on Slack=
ware 13.1 box<br>To: "Tom Mukunnemkeril" &lt;torrent_tech@yahoo.com&gt;<br>=
Cc:
 openafs-info@openafs.org<br>Date: Friday, January 21, 2011, 3:05 AM<br><br=
><div class=3D"plainMail">On Thu, Jan 20, 2011 at 9:17 PM, Tom Mukunnemkeri=
l<br>&lt;<a ymailto=3D"mailto:torrent_tech@yahoo.com" href=3D"/mc/compose?t=
o=3Dtorrent_tech@yahoo.com">torrent_tech@yahoo.com</a>&gt; wrote:<br>&gt;<b=
r>&gt; Hi all,<br>&gt;<br>&gt; For the past few months I've been debugging =
a problem where my webserver cannot access files in AFS, despite using pags=
h and kstart when I start up apache.&nbsp; I had this working on Slackware =
13.0 but have been unable to make this work on Slackware 13.1.<br>&gt;<br>&=
gt; So I did a simple test of just logging as root, running pagsh, getting =
kerberos tickets and tokens and su to another user.&nbsp; As expected, in S=
lackware 13.0 the tokens remained, in the Slackware 13.1, the tokens did no=
t.<br><br>Has anything changed in the pam configuration?&nbsp; For instance=
 a<br>pam_keyinit in the wrong spot can wipe the session keyring and
 result<br>in a lost PAG.<br><br>Marc<br>__________________________________=
_____________<br>OpenAFS-info mailing list<br><a ymailto=3D"mailto:OpenAFS-=
info@openafs.org" href=3D"/mc/compose?to=3DOpenAFS-info@openafs.org">OpenAF=
S-info@openafs.org</a><br><a href=3D"https://lists.openafs.org/mailman/list=
info/openafs-info" target=3D"_blank">https://lists.openafs.org/mailman/list=
info/openafs-info</a><br></div></blockquote></td></tr></table><br>=0A=0A=0A=
=0A=0A=0A=0A=0A      
--0-1487644504-1295610555=:28322--