[OpenAFS] Re: Samba & aklog
Craig Huckabee
huck@spawar.navy.mil
Mon, 11 Aug 2014 14:35:25 -0400
This is a cryptographically signed message in MIME format.
--------------ms010604060904040506010403
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: quoted-printable
On 8/7/14 12:29 AM, Andrew Deason wrote:
> On Wed, 06 Aug 2014 11:45:30 -0400
> Craig Huckabee <huck@spawar.navy.mil> wrote:
>
>> A little research turned up a suggestion of doing something like t=
his
>> in the smb.conf for AFS shares:
>>
>> ...
>> root preexec =3D /usr/bin/aklog -setpag -cell mycell.mil -keytab
>> /usr/afs/etc/rxkad.keytab -principal %u
>> ...
>
> I haven't used a setup like this myself, but I can try to offer some
> more information.
>
=2E..
> I would first try running 'aklog -setpag' manually to see if it works.
> Ideally, I would run it from a session without a pag, and then acquire
> tokens with -setpag, and see if you gain a pag:
>
This was very helpful - pags appear to be working, and watching the=20
output from the preexec script it shows the process has tokens. There=20
must be something else in my Samba config keeping things from working,=20
but this has helped my troubleshooting - thanks!
--Craig
--------------ms010604060904040506010403
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIPCTCC
BLAwggOYoAMCAQICAxN/ODANBgkqhkiG9w0BAQUFADBdMQswCQYDVQQGEwJVUzEYMBYGA1UE
ChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEYMBYGA1UE
AxMPRE9EIEVNQUlMIENBLTMwMB4XDTEyMDYyODAwMDAwMFoXDTE1MDYyNzIzNTk1OVowdzEL
MAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQww
CgYDVQQLEwNQS0kxDDAKBgNVBAsTA1VTTjEkMCIGA1UEAxMbSFVDS0FCRUUuREFSWUwuQy4x
MjQ5MzUzNTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMBlTX4je8F0SPjS
cXaCV0GZK2MGtJWIrWXHSdntCBbZ8DjF4UHeyj5pIYFkSp4TY0S8Q1MvqZQwH75R/fjcQqNJ
1ZEl+BrLP9E3wxArOD99B6SsNyTP+jIZt99oWcq/6fqykUOzq3UhYCdF8EI+nzvQk7StK20r
j9vEDCL6gdx6PKBrszzPIjptDUfY/XB9BIzi9tT0y3aa/KjG9LTpNr6nxysTRynni2Xjvj+f
0WM0kFkJXij/gWGb3+wkYOFl0/tTDD+rXlnXrpuQv43EH2lCa1E55AZ+QGwXEynxrG5EdYwO
Os+Oc+RS6ZWrQrmn67iel/xpEpErKV8uI8JnzQIDAQABo4IBXTCCAVkwHwYDVR0jBBgwFoAU
NWFmKAm8ViVbi8y/gV5hLDA50yEwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5kaXNh
Lm1pbC9jcmwvRE9ERU1BSUxDQV8zMC5jcmwwDgYDVR0PAQH/BAQDAgUgMCMGA1UdIAQcMBow
CwYJYIZIAWUCAQsJMAsGCWCGSAFlAgELEzAdBgNVHQ4EFgQULo9sHY06jhnYYvam795IsFjz
e1UwaAYIKwYBBQUHAQEEXDBaMDYGCCsGAQUFBzAChipodHRwOi8vY3JsLmRpc2EubWlsL3Np
Z24vRE9ERU1BSUxDQV8zMC5jZXIwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3NwLmRpc2EubWls
MB8GA1UdEQQYMBaBFGh1Y2tAc3Bhd2FyLm5hdnkubWlsMBsGA1UdCQQUMBIwEAYIKwYBBQUH
CQQxBBMCVVMwDQYJKoZIhvcNAQEFBQADggEBAJi10dFdqcbcRITCQ3+cnrjfXbJ/N9KVuF8d
ijwBxC8Jlw+UeKQP3UABtfw0/aWCnwqbSCOF+ZPifv2NMIt/bPAKlw1ODkzZgdpU118YaAPC
q389MxnJFqm8kFSfGuf9ORYJSeNQ3fOqfG1l58Tat3CgkqJkPvGKG+Ivn968jbyu3QmnZ9XE
EU0xKcJoZH61bTdvk86ZFkGowOkp+bnIb65YUUYLLjGSWS+x7F80VZarnBTNXUc9qTWEwDeq
wTlGUQE+fzbXbHagH1XWgEQL5HplCCGlc2joaMjCKnbDSq4UJ4MVu88SttvP2bjvkjSXjNd/
/SD4Y60ls3phYWwT5Q8wggT7MIID46ADAgECAgMTfzIwDQYJKoZIhvcNAQEFBQAwXTELMAkG
A1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYD
VQQLEwNQS0kxGDAWBgNVBAMTD0RPRCBFTUFJTCBDQS0zMDAeFw0xMjA2MjgwMDAwMDBaFw0x
NTA2MjcyMzU5NTlaMHcxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQx
DDAKBgNVBAsTA0RvRDEMMAoGA1UECxMDUEtJMQwwCgYDVQQLEwNVU04xJDAiBgNVBAMTG0hV
Q0tBQkVFLkRBUllMLkMuMTI0OTM1MzU2MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSAZfToxDcbhUaBGBpMyM9C+uFbnGB+ejSexd5TMJ0kRPryWv1gE5q8LBLKm1GbBrU8
QaEH1eyb8kxGWpdXrn6NI62vede9Vf0dQamlPZK5zm0QbrGD3whH8G3qS+0jCjm5oUZS5cqf
X86ZZUGK8vbiBNmXLXPsF+j+4LkN4fAlVrDHbyJWmwstYbqI0nwlszx0X1tnp/90UzdPWZa5
FbZOv2/6fVT22Of0egDWmah2K1VJLeihSkbFcaU3lOz4ehWgykd97x2xBVQoUeLtomq+FGLx
1Gm5TXcei7+Jlrx/4RxkhIUGXuyK3YM+RHAx1D0lmzu8YxnsbQhdeNUTUxECAwEAAaOCAagw
ggGkMB8GA1UdIwQYMBaAFDVhZigJvFYlW4vMv4FeYSwwOdMhMDoGA1UdHwQzMDEwL6AtoCuG
KWh0dHA6Ly9jcmwuZGlzYS5taWwvY3JsL0RPREVNQUlMQ0FfMzAuY3JsMA4GA1UdDwEB/wQE
AwIGwDAjBgNVHSAEHDAaMAsGCWCGSAFlAgELCTALBglghkgBZQIBCxMwHQYDVR0OBBYEFIbE
X4jUFrshho5F7bJp7Ev6h4dQMGgGCCsGAQUFBwEBBFwwWjA2BggrBgEFBQcwAoYqaHR0cDov
L2NybC5kaXNhLm1pbC9zaWduL0RPREVNQUlMQ0FfMzAuY2VyMCAGCCsGAQUFBzABhhRodHRw
Oi8vb2NzcC5kaXNhLm1pbDA/BgNVHREEODA2gRRodWNrQHNwYXdhci5uYXZ5Lm1pbKAeBgor
BgEEAYI3FAIDoBAMDjEyNDkzNTM1NjJAbWlsMBsGA1UdCQQUMBIwEAYIKwYBBQUHCQQxBBMC
VVMwKQYDVR0lBCIwIAYKKwYBBAGCNxQCAgYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3
DQEBBQUAA4IBAQCQTIQvLS9kuMGwXxQdjZ+Rickf6R+Gu4IBswSiRZVXYR64JqoDaEWfUXW+
osh0AnKgR84iUAbQ30cd9ffbKq/Xp3PlJzKp0UKXAqKJ5C0zccQc3bLjXH/RvZOqlgjYNwXt
8DaeJnzdAFc/P1eTFuZM8x7uCuKSj+o2d5StLUI7hzcvXr7DEEEzsEzZu6HZC5ziHqys45Pi
OEGoDKBB3LlVtw2CC/Z5OQJ5FdeBtTFnruALLohiqLXaUJamFKNQWH6myNnFgTCRUvxNZHPu
J0neQnZOZ+zrS2nV/UR3LljQTe/UYNvX1/XhXb9vKJqhK1px4iRzi4jru9TQB+7LiEZsMIIF
UjCCBDqgAwIBAgICAbkwDQYJKoZIhvcNAQEFBQAwWzELMAkGA1UEBhMCVVMxGDAWBgNVBAoT
D1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQLEwNQS0kxFjAUBgNVBAMT
DURvRCBSb290IENBIDIwHhcNMTEwOTA4MTYwMzA4WhcNMTcwOTA4MTYwMzA4WjBdMQswCQYD
VQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNV
BAsTA1BLSTEYMBYGA1UEAxMPRE9EIEVNQUlMIENBLTMwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5iki1BQm0ZgaUl7FhINzfsFgs7PQlL79HJRVv/aELJvJwHRz78zCmfKZ
yW3KFNN0/74Q8vctv8u7BqPumFBBZQHhVyy2y+TKHKx+UjQOsY4HJj4yNa+jYQrF5Qi2EnmM
VMF66fFQH12DOmcwsynbHTpMOSFQ2BgsjQZ17mNyeGitYpx1pJQG0zJrEq8GBym+E6DAp/Al
T7f+H7dX4BgSjSFqFblaVPt3ZdhMP/W6PMA34QZ+wr6eI4wo0ZrXxmc413PJvQcdhW/VlQqa
3No6TijwpesJ3+XbC81Hr4rNu2+UQONZnFCfyQ6pcQK53OlpgDqJO0UFIhgFhLUS8DzAgQID
AQABo4ICHDCCAhgwDgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaAFEl0uwxeunr+AlTve6DG
lcYJgHCWMB0GA1UdDgQWBBQ1YWYoCbxWJVuLzL+BXmEsMDnTITASBgNVHRMBAf8ECDAGAQH/
AgEAMAwGA1UdJAQFMAOAAQAwZgYDVR0gBF8wXTALBglghkgBZQIBCwUwCwYJYIZIAWUCAQsJ
MAsGCWCGSAFlAgELETALBglghkgBZQIBCxIwCwYJYIZIAWUCAQsTMAwGCmCGSAFlAwIBAxow
DAYKYIZIAWUDAgEDGzA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmRpc2EubWlsL2Ny
bC9ET0RST09UQ0EyLmNybDCCAQEGCCsGAQUFBwEBBIH0MIHxMDoGCCsGAQUFBzAChi5odHRw
Oi8vY3JsLmRpc2EubWlsL2lzc3VlZHRvL0RPRFJPT1RDQTJfSVQucDdjMCAGCCsGAQUFBzAB
hhRodHRwOi8vb2NzcC5kaXNhLm1pbDCBkAYIKwYBBQUHMAKGgYNsZGFwOi8vY3JsLmdkcy5k
aXNhLm1pbC9jbiUzZERvRCUyMFJvb3QlMjBDQSUyMDIlMmNvdSUzZFBLSSUyY291JTNkRG9E
JTJjbyUzZFUuUy4lMjBHb3Zlcm5tZW50JTJjYyUzZFVTP2Nyb3NzQ2VydGlmaWNhdGVQYWly
O2JpbmFyeTANBgkqhkiG9w0BAQUFAAOCAQEACohWHKVXJlpiy3XQ3YbFUuIv87wRZD+MLz4R
/JhgQPKADSiCmmj+4EhLJ9M6CnuV9gMMgRSRQjpgbOIrUy3s3xGu9VQX8AH5lwenm6sL26yX
iQnG7/kHNBYAqH4RU558L6E4opl5OTRBbn24WDBWiJ7kqmRF2aBEYjq35THTkYDxGxCyZ3DV
W6tZtFpIFkLEAkzabGjKUB0xvjeZx89TzEIpVsOdF8oD5xBa8Tk8HMz7G5cKJvMx3+CrXCSd
nt44fQJRZ0b5k3CF7QpVwvTBaFqfCMkde5t23FTvOYwY5QxE7vcGsh/1y+YOvdSh/9T5kQci
Unm3wP3ssviF9ET7XDGCA0YwggNCAgEBMGQwXTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1Uu
Uy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQLEwNQS0kxGDAWBgNVBAMTD0RP
RCBFTUFJTCBDQS0zMAIDE38yMAkGBSsOAwIaBQCgggG3MBgGCSqGSIb3DQEJAzELBgkqhkiG
9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTE0MDgxMTE4MzUyNVowIwYJKoZIhvcNAQkEMRYEFI7J
LgBhv6p5pJ+xf+e6563zCf7xMGwGCSqGSIb3DQEJDzFfMF0wCwYJYIZIAWUDBAEqMAsGCWCG
SAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYF
Kw4DAgcwDQYIKoZIhvcNAwICASgwcwYJKwYBBAGCNxAEMWYwZDBdMQswCQYDVQQGEwJVUzEY
MBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEY
MBYGA1UEAxMPRE9EIEVNQUlMIENBLTMwAgMTfzgwdQYLKoZIhvcNAQkQAgsxZqBkMF0xCzAJ
BgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoG
A1UECxMDUEtJMRgwFgYDVQQDEw9ET0QgRU1BSUwgQ0EtMzACAxN/ODANBgkqhkiG9w0BAQEF
AASCAQCfsaDr+KiBwyO03PLL+6dY4VPqvLv9Cw1EP4jb7byXMTCEQq+7220ZzMhgpPVrYlk9
Gsxjs20k+l+eTkU5nlgUXFlA5yLo1pJwJqVNhXoa69fyRfoVBLx7KH4d0YDiGoCe+UCEbU9+
tNRhygKPvxdwsDbnOtDOqJY1S20hMG+xU8sdEt7YbaCBRS9MA4SUQ1eCBDjnYEIdiCr5TZvR
h4QlhzFQecxKBB7bAPbIOiljm4JUaB5FNWuwRR5uecOFt66FXA4/Agul9fQ8SPmmqqqiQa8I
iSHT6NEwhiDLxx0oR6Evvf2vcWRHuuWLePv09MXTVmBc8/FfrFnXYteQhvclAAAAAAAA
--------------ms010604060904040506010403--