> I pulled down the source from Sourceforge and I'm not sure what made you > think that this was based on Cusack's module. As near as I can tell, it's > based on the Red Hat Kerberos v5 PAM module with nary a sign of Cusack's > module in sight.
That's true. It's based on the Red Hat module. I was confused by the following: the libpam-heimdal package contained in debian/woody is the Cusack one. When you build the module from the sourceforge site (Balazs GAL) using the debian packaging tools, the package name is also libpam-heimdal :-( Sorry for the confusion. > Could you give me a bit more information on what lets you force credential > refreshing with the screensaver? What PAM configuration does this module > allow that lets you do that, and which wasn't available elsewhere? I got the hint from somebody else on this list: /etc/pam.d/kscreensaver: auth sufficient pam_krb5afs.so ignore_root force_creds refresh_creds auth required pam_unix.so shadow try_first_pass _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info