Hi, On Sun, Feb 05, 2012 at 05:25:20PM +0100, Giorgio Pioda wrote:
> > The script executed right after authentication copies the user's > > Kerberos ticket to the file krb5cc_diskless which is owned by root. > > This ticket will be picked up by gssd to create the security context > > needed. However, it's needed to restart autofs, I am not exactly sure > > why. It looks like autofs caches failures in mounting a directory > > (which it tries earlier in the login process), and does not try again > > immediately when the ticket is available. > > > > What about setting a delay in autofs? > How long? I think entering the username triggers autofs (to read the user's configuration, for example which desktop he want's to start by default). What if someone takes 15 seconds to enter his password, and someone else needs only 3 seconds? Only if exactly at the right moment where pam gives the OK (i.e. the ticket is available) for login the autofs is triggered it will manage to provide the home directory. Imediatelly after that the user will have / as home (or might not be allowed to login on gdm). So I don't think that will work. Did you have any success with the verify_ap_req_nofail = false stuff? Best regards, Andi -- To UNSUBSCRIBE, email to debian-edu-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120205213507.GA6821@flashgordon