[OpenAFS] 1.6.20 pam_afs_session bug ?
Benjamin Kaduk
kaduk@mit.edu
Mon, 10 Apr 2017 20:22:17 -0500
On Mon, Apr 10, 2017 at 10:57:50AM +0200, Andreas Ladanyi wrote:
> Am 07.04.2017 um 05:41 schrieb Benjamin Kaduk:
> > Hmm, this feels more like systemd fallout, the more I think about
> > it. (Ubuntu 16.10 is on systemd now, right?)
> yes.
> > It seems like a usetul debugging step would be to determin the
> > process hierarchy when the screensaver is calling into
> > pam_afs_session,
>
> Are you talking about the pam debug log output from pam common-auth ?
> Output of pstree ?
pstree
> > and also what keyring entry is being used to hold
> > tokens. (That could then be compared to the keyring entry holding
> > tokens in the interactive user session.)
> gnome-keyring
I was trying to refer to the kernel keyring that implements PAGs in
recent linux versions, e.g.,
$ keyctl show
Session Keyring
657285648 --alswrv 1000 1000 keyring: _ses.28524
602358083 ----s--v 0 0 \_ afs_pag: _pag
(On my Debian machine, I have to explicitly "pagsh" to get any
afs_pag keyring entries, as by default I get the implicit per-UID
PAG.)
-Ben