Hi Derek, hi Chas,
On Tue, 20 Mar 2007, chas williams - CONTRACTOR wrote:
In message <[EMAIL PROTECTED]>,Andreas Haupt write
s:
I can have full access to the PAG environment SGE has created. How can I
"transfer" the PAG now to a second "virgin" environment. As an example I
have two sessions and I want the second session to be in the same PAG as
the first session:
you can't. you will note that the key/pag doesnt allow you to read it.
this was intentional. i dont know much about SGE. how did qrsh
(or the shepherd) create the new session keyring? a pam module?
It's calling pagsh.krb (or any other program you want).
But ok, I've found the delinquent: pam_keyinit.so. It's configured with
the force flag by default in /etc/pam.d/sshd which removes all existent
sessions.
session optional pam_keyinit.so force revoke
Changing it to
session optional pam_keyinit.so revoke
does the trick. SGE's PAG environment won't get destroyed any more.
Thanks.
Andreas
--
| Andreas Haupt | E-Mail: [EMAIL PROTECTED]
| DESY Zeuthen | WWW: http://www-zeuthen.desy.de/~ahaupt
| Platanenallee 6 | Phone: +49/33762/7-7359
| D-15738 Zeuthen | Fax: +49/33762/7-7216
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info