Re: [URG] SSH & PAM
From: Mike Delaney (mdelan_at_computer.org)
Date: 02/24/04
- Next message: Chris Skelsey: "Re: SSH: trying the simplest configuration with no success"
- Previous message: Arno: "Putty forwarding dns lookups on port 53?"
- In reply to: Sensei: "Re: [URG] SSH & PAM"
- Next in thread: Darren Tucker: "Re: [URG] SSH & PAM"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 23 Feb 2004 16:02:03 -0800
On Mon, 23 Feb 2004 20:09:01 GMT, Sensei said something similar to:
: On Mon, 23 Feb 2004 11:41:59 -0800, Mike Delaney wrote:
: > If myuser's home directory is located in an AFS volume, then this is
: > the behavior you'd expect if myuser doesn't have a valid AFS token.
: > The Unix file permissions are quite meaningless in AFS.
:
: Yes! You're right:
:
: > /usr/afsws/bin/tokens
:
: Tokens held by the Cache Manager:
:
: --End of list--
: >
:
: God!!!!!!!!!
:
: Why?????
I suspect that something is breaking the association between the user's
shell and the token held in the cache (or possibly deleting the token
before the session passes to the shell). PrivSep has been known to have
odd interactions with PAM on some systems, which is why I suggested turning
it off, but since you say turning it off has no effect on the problem,
I'm not really sure where to look next. It's been a few years since I've
dealt with AFS.
You might try asking in the AFS/OpenAFS user forums.
- Next message: Chris Skelsey: "Re: SSH: trying the simplest configuration with no success"
- Previous message: Arno: "Putty forwarding dns lookups on port 53?"
- In reply to: Sensei: "Re: [URG] SSH & PAM"
- Next in thread: Darren Tucker: "Re: [URG] SSH & PAM"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
