david l goodrich d...@dsrw.org writes:
Success!
Setting CONFIG_KEYS=y and rebuilding the kernel solved the
problem:
d...@chaos:~$ id
uid=1000(dlg) gid=1000(dlg) groups=1000(dlg),1101353942
d...@chaos:~$ tokens
Tokens held by the Cache Manager:
User's (AFS ID 1000) tokens for
On Tue, Feb 24, 2009 at 09:08:57PM -0800, Russ Allbery wrote:
david l goodrich d...@dsrw.org writes:
It's a custom kernel, because it's a Xen domU. Which probably invites
all kinds of pain. But its config file is used in a different Xen domU,
which works fine. I've attached it, I'm not
On Mon, Feb 23, 2009 at 08:53:37PM -0800, Russ Allbery wrote:
david l goodrich d...@dsrw.org writes:
Package: libpam-afs-session
Version: 1.7-1
Severity: important
When logging in via SSH, a user does not get AFS tokens or a PAG, but
they do get kerberos tickets.
This works
david l goodrich d...@dsrw.org writes:
Certainly, they were taken from your README.
chaos:~# grep -v ^# /etc/pam.d/common-auth
auth [success=ok default=1] pam_krb5.so
auth [default=done] pam_afs_session.so debug
auth required pam_unix.so try_first_pass nullok_secure
On Tue, Feb 24, 2009 at 12:55:35PM -0800, Russ Allbery wrote:
david l goodrich d...@dsrw.org writes:
Certainly, they were taken from your README.
chaos:~# grep -v ^# /etc/pam.d/common-auth
auth [success=ok default=1] pam_krb5.so
auth [default=done] pam_afs_session.so debug
david l goodrich d...@dsrw.org writes:
I sure do:
Feb 25 02:11:16 chaos sshd[18207]: (pam_afs_session): pam_sm_setcred: entry
(0x2)
Feb 25 02:11:16 chaos sshd[18207]: (pam_afs_session): running /usr/bin/aklog
as UID 1000
Feb 25 02:11:16 chaos sshd[18207]: (pam_afs_session):
david l goodrich d...@dsrw.org writes:
running `id`, and looking for something like this (copied from a working
ubuntu box):
d...@aether:~$ id
uid=1000(dlg) gid=1000(dlg) groups=106(admin),1000(dlg),1104162558
d...@aether:~$
The extra high-numbered group won't necessarily show up, since
On Tue, Feb 24, 2009 at 06:49:10PM -0800, Russ Allbery wrote:
david l goodrich d...@dsrw.org writes:
running `id`, and looking for something like this (copied from a working
ubuntu box):
d...@aether:~$ id
uid=1000(dlg) gid=1000(dlg) groups=106(admin),1000(dlg),1104162558
david l goodrich d...@dsrw.org writes:
On Tue, Feb 24, 2009 at 06:49:10PM -0800, Russ Allbery wrote:
The extra high-numbered group won't necessarily show up, since PAGs are
really based on keyrings. If you run tokens, what is its output?
oh, right, sorry. I am also running `tokens`. No
On Tue, Feb 24, 2009 at 07:11:01PM -0800, Russ Allbery wrote:
david l goodrich d...@dsrw.org writes:
On Tue, Feb 24, 2009 at 06:49:10PM -0800, Russ Allbery wrote:
The extra high-numbered group won't necessarily show up, since PAGs are
really based on keyrings. If you run tokens, what is
david l goodrich d...@dsrw.org writes:
Could it be my ssh config? I'm really grasping at straws, here.
This bug report was sort of my last resort grin
Given that the PAM module is being run, it shouldn't be. UsePAM being set
to no is the only thing I can think of there, and clearly it's not.
On Tue, Feb 24, 2009 at 07:52:05PM -0800, Russ Allbery wrote:
david l goodrich d...@dsrw.org writes:
Could it be my ssh config? I'm really grasping at straws, here.
This bug report was sort of my last resort grin
Given that the PAM module is being run, it shouldn't be. UsePAM being set
david l goodrich d...@dsrw.org writes:
It's a custom kernel, because it's a Xen domU. Which probably invites
all kinds of pain. But its config file is used in a different Xen domU,
which works fine. I've attached it, I'm not very adept at reading these
files. It works for me, so I just
Package: libpam-afs-session
Version: 1.7-1
Severity: important
When logging in via SSH, a user does not get AFS tokens or a PAG, but
they do get kerberos tickets.
This works correctly via the console, but not SSH.
-- System Information:
Debian Release: 5.0
APT prefers testing
APT policy:
david l goodrich d...@dsrw.org writes:
Package: libpam-afs-session
Version: 1.7-1
Severity: important
When logging in via SSH, a user does not get AFS tokens or a PAG, but
they do get kerberos tickets.
This works correctly via the console, but not SSH.
I suspect your PAM configuration is
15 matches
Mail list logo