> Recently in OpenSolaris pam_krb5 was changed so that
> it will get a new
> TGT when stacked on the xscreensaver pam stack. This
> helps too as even
> if the renew timeout has been reached a new TGT will
> be fetched. It
> hasn't been backported yet to S10 though (probably
> will be soon).
Yeah, that is probably a good thing too. However, I doubt that will help in
this
case anyway since the problem is that xscreensaver fails to start the
password-prompting-and-pam-talking window...
There needs to be some way to start up the password-prompting
window without requiring $HOME access. I see only a few ways to
solve that:
a) Keep a private copy of $HOME/.Xauthority somewhere and use that one instead.
b) Start up the password prompting program early and keep it running forever so
it never
releases its X display connection.
c) Don't use Secure NFS
d) Use Kerberos tickets that last forever
e) Disable X 'security'
c/d/e isn't really good solutions in my mind :-)
- Peter
--
This message posted from opensolaris.org
