On 8/28/2022 3:14 AM, jukka.tuomi...@finndesign.fi wrote:
Hi all,I wonder if anybody has OpenAFS client working with GDM in Ubuntu 22.04 (or 20.04)? That is, allowing users to log into their homedirs graphically.
The underlying problem is that GDM heavily relies upon processes launched as children of "systemd --user" services. As a result they do not share the same session keyring as the child processes of login. The "systemd --user" expectation is that all processes executing as a "uid" have access to the same authentication credentials whether they be local or remote. In such an environment, AFS Process Authentication Groups (PAGs) cannot be created as a side-effect of login.
Modify the pam configuration to disable PAG creation for GDM logins.If the expectation is that "sshd" logins should be separate from the desktop, then "sshd" logins can continue to create a PAG.
Sincerely, Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
