On Thu, 18 Mar 2010 10:38:18 -0400 Ken Hornstein <k...@cmf.nrl.navy.mil> wrote:
> - Assuming you're using ssh (I am guessing that you are), convince > sshd to write your Xauthority information somewhere else, like a > file in /tmp (and make sure your XAUTHORITY environment variable is > correct). I would guess this is possible, but I don't know if > there's an easy way to do it. I'm actually not sure if this is possible to do correctly (with existing ssh, PAM, etc). pam_env.so and ssh's "set-the-environment" functionality only take constant strings, from what I can tell. What I think you'd want is a pam module that sets an environment variable to something involving a bit of randomness (XAUTHORITY=`mktemp /tmp/.Xauthority.XXXXXX`), or at the very least incorporates the users's uid or username. But I don't think such a module exists. Anyone want to write it? :) It would basically be a call to mkstemp() and setting an environment var. This could also solve the problem Doug Engert's pam_krb5_ccache.so module solves on Solaris, I think. -- Andrew Deason adea...@sinenomine.net _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info