"Rong,Yongjun(CS)" wrote:
> Hi, > The execle(gssklog_exec, "gssklog","-silent",0,env) in gssklog_pag_klog > has benn called. But it returns errno= 13 which means permission denied. I > have checked the permission of the gssklog and pam_gssklog.so.1. All are > 755. I can run gssklog manully via command line. But the pam_gssklog.so > cannot call gssklog via execle. gssklog_exec is the path of the gssklog. It defaults to /krb5/bin/gssklog If this is not the location, you will have to recompile or move it. Its on my to-do list to make this a parameter. (actually replace the gssklog_pag_klog.c with the routines used by ssh.) > > Anyone has any suggestions? > Thanks. > Rong > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Rong,Yongjun(CS) > Sent: Monday, June 14, 2004 2:35 PM > To: [EMAIL PROTECTED] > Subject: RE: [OpenAFS-devel] pam_gssklog on solaris9 > > I have got the pam_sm_setcred called when a user login. But pam_gss_klog > seems cannot call gssklog_pag_klog function. > I got below debug information before gssklog_pag_klog be called: > Jun 14 14:26:27 tset dtlogin[7216]: [ID 868606 user.debug] pam_gssklog: > env=KRB5CCNAME=FILE:/tmp/krb5cc_2079_X7aago > Jun 14 14:26:27 tset dtlogin[7216]: [ID 868606 user.debug] pam_gssklog: > set_pag=1 > > I have checked the /tmp/krb5cc_2079_X7aago is correct. But it seems > gssklog_pag_klog is not called even there is a function call from > pam_gssklog as below: > gssklog_pag_klog(set_pag, env); > I have put some debug inside the hssklog_pag_klog.c, but no any information > was print. > Thanks for your suggestions. > Rong > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Rong,Yongjun(CS) > Sent: Thursday, June 10, 2004 5:02 PM > To: Rong,Yongjun(CS); [EMAIL PROTECTED] > Subject: RE: [OpenAFS-devel] pam_gssklog on solaris9 > > I have got pam_sm_setcred called by PAM framework after I changed my > pam.conf as below: > dtlogin auth requisite pam_authtok_get.so.1 debug > #dtlogin auth required pam_dhkeys.so.1 debug > #dtlogin auth sufficient pam_unix_auth.so.1 debug use_first_pass > dtlogin auth required pam_krb5.so debug forwardable realmm=TTU.EDU > use_first_pass > dtlogin auth required pam_gssklog.so.1 debug > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Rong,Yongjun(CS) > Sent: Thursday, June 10, 2004 3:51 PM > To: [EMAIL PROTECTED] > Subject: [OpenAFS-devel] pam_gssklog on solaris9 > > Hi, All, > I have another problem for the pam_gssklog. It seems the pam_sm_setcred > cannot be called during the process of login. My pam.conf for dtlogin is as > below: > > dtlogin auth requisite pam_authtok_get.so.1 debug > dtlogin auth required pam_dhkeys.so.1 debug > dtlogin auth sufficient pam_unix_auth.so.1 debug use_first_pass > dtlogin auth optional pam_krb5.so debug forwardable realmm=TTU.EDU > use_first_pass > dtlogin auth optional pam_gssklog.so.1 debug > > pam_kr5b.so is work fine. After the user login, I can klist the tickets. But > the pam_gssklog is not work well. From the debug information, the > pam_sm_setcred is not be called. > Any suggestions, Thanks in advanced. > Rong > > _______________________________________________ > OpenAFS-devel mailing list > [EMAIL PROTECTED] > https://lists.openafs.org/mailman/listinfo/openafs-devel > > _______________________________________________ > OpenAFS-devel mailing list > [EMAIL PROTECTED] > https://lists.openafs.org/mailman/listinfo/openafs-devel > > _______________________________________________ > OpenAFS-devel mailing list > [EMAIL PROTECTED] > https://lists.openafs.org/mailman/listinfo/openafs-devel > > _______________________________________________ > OpenAFS-devel mailing list > [EMAIL PROTECTED] > https://lists.openafs.org/mailman/listinfo/openafs-devel -- Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 _______________________________________________ OpenAFS-devel mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-devel
