Re: [OpenAFS] Cache Manager drops tickets
Russ Allbery schrieb: Kai Moritz [EMAIL PROTECTED] writes: Is there a workaround, or a newer version of libpam-openafs-session? Not yet, but that's what I'm working on right now. You can build http://www.eyrie.org/~eagle/software/pam-afs-session/ by hand and use it as a replacement, but it's not packaged for Debian yet. For the etch release, I'm probably going to take the syscall layer for Linux out of that package and patch it into libpam-openafs-session, and then do the actual migration for the next Debian release. I'm hoping to have new packages uploaded to unstable by the end of the weekend. Thanks for the information! I think I will give your new version a try. Best Regards Kai Moritz ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Cache Manager drops tickets
Russ Allbery schrieb: anymore. I am a bit confused, because the problem only arises on this one other machine, which is a Debian testing/unstable mix (with actual openafs 1.4.2 packages from unstable). On all other machines (Debian sarge and one Kubuntu edgy, all with hand-compiled openafs 1.4.1 debian-packages, taken from Kubuntu Edgy) libpam-openafs-session works well, though the version of the source for the libpam-openafs-session is 1.0 on all systems! The user reports, that he always losts his afs-tokens, if he does a su to become root. Also, the tokens got lost after some time anyway... aklog -setpag stopped working in 1.4.2, which is probably the difference. Is there a workaround, or a newer version of libpam-openafs-session? I tried to find one via google, but the only hits I get for libpam-openafs-session are debian-package-sites. Perhaps it is the easiest workaround to downgrade that client to 1.4.1... Greetings Kai Moritz ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Cache Manager drops tickets
Kai Moritz [EMAIL PROTECTED] writes: Is there a workaround, or a newer version of libpam-openafs-session? Not yet, but that's what I'm working on right now. You can build http://www.eyrie.org/~eagle/software/pam-afs-session/ by hand and use it as a replacement, but it's not packaged for Debian yet. For the etch release, I'm probably going to take the syscall layer for Linux out of that package and patch it into libpam-openafs-session, and then do the actual migration for the next Debian release. I'm hoping to have new packages uploaded to unstable by the end of the weekend. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/ ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Cache Manager drops tickets
Russ Allbery schrieb: Are you using libpam-openafs-session? If so, try removing it temporarily from your /etc/pam.d/common-session and see if your tokens now stick around. It's a little too aggressive about deleting tokens in my experience. Yes, I am using libpam-openafs-session, and your suggestion solves my problem, thanks :) But now, the problem arises on one other machine. Unlike brunhild, this machine is no testing-box. So I cannot just remove libpam-openafs-session, because then, the user cannot login normally anymore. I am a bit confused, because the problem only arises on this one other machine, which is a Debian testing/unstable mix (with actual openafs 1.4.2 packages from unstable). On all other machines (Debian sarge and one Kubuntu edgy, all with hand-compiled openafs 1.4.1 debian-packages, taken from Kubuntu Edgy) libpam-openafs-session works well, though the version of the source for the libpam-openafs-session is 1.0 on all systems! The user reports, that he always losts his afs-tokens, if he does a su to become root. Also, the tokens got lost after some time anyway... By the way: I'm running the fileserver with version 1.4.1, but some Linux-Clients with version 1.4.2 and all Windows-Clients with versuib 1.5.11. Is this leagal, or may it corrupt the fileserver? Greetings Kai Moritz ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Cache Manager drops tickets
Kai Moritz [EMAIL PROTECTED] writes: But now, the problem arises on one other machine. Unlike brunhild, this machine is no testing-box. So I cannot just remove libpam-openafs-session, because then, the user cannot login normally anymore. I am a bit confused, because the problem only arises on this one other machine, which is a Debian testing/unstable mix (with actual openafs 1.4.2 packages from unstable). On all other machines (Debian sarge and one Kubuntu edgy, all with hand-compiled openafs 1.4.1 debian-packages, taken from Kubuntu Edgy) libpam-openafs-session works well, though the version of the source for the libpam-openafs-session is 1.0 on all systems! The user reports, that he always losts his afs-tokens, if he does a su to become root. Also, the tokens got lost after some time anyway... aklog -setpag stopped working in 1.4.2, which is probably the difference. By the way: I'm running the fileserver with version 1.4.1, but some Linux-Clients with version 1.4.2 and all Windows-Clients with versuib 1.5.11. Is this leagal, or may it corrupt the fileserver? Nope, shouldn't cause any problems. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/ ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
Re: [OpenAFS] Cache Manager drops tickets
Kai Moritz [EMAIL PROTECTED] writes: I set up an openafs fileserver to replace our old nfs system. Everything is running fine, but i have some strange problems while copying the old user data to the new system: I cannot install an openafs-client on the machine, where the old data is living on (called zimt). So I simply logged into a machine with openafs-client (called brunhild) as root and got tickets for my afs-adminuser via kinit afsadmin and aklog. Then I start an rsync on zimt like this rsync -av /home [EMAIL PROTECTED]:/afs/cellname/user. All works fine in the beginning, but after some time (5-30 min) the rsync command is interrupted because of access-problems. Issuing tokens on brunhild shows, that the cache manager has dropped the token, althoug it was not expired. I cannot figure out why... There are no error-messages in the openafs-log-files. Time is synchronized and another aklog fetches a new token without any problems. I am running openafs 1.4.1 with MIT Kerberos on a Debian Sarge system. Are you using libpam-openafs-session? If so, try removing it temporarily from your /etc/pam.d/common-session and see if your tokens now stick around. It's a little too aggressive about deleting tokens in my experience. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/ ___ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info