Am Montag, 4. April 2005 15:48 schrieb Frank Burkhardt: Hi Frank,
thanks for the quick response! > On Mon, Apr 04, 2005 at 01:39:33PM +0200, Cajus Pollmeier wrote: > > Hi! > > > > I've a strange problem here while working localy on the machine named > > "lama". Everytime when a friend logs in (via SSH), I'm loosing my token > > (ID 1011) and get his token (ID 1006) instead. I've gained permissions to > > his data in this case, while I've lost access to my own stuff. For this > > case I left a shell open which is just used to enter an "aklog" again: > > What does the 'id -G' command show in > 1. your session? 1011 33801 47627 80 999 1004 1023 > 2. your friend's ssh-session? 1006 33801 47627 1004 1023 So the ID's are different, but there are some common groups. > _Maybe_ you restarted/started your ssh-server in your own PAG. > Example: > > <wrong> > [EMAIL PROTECTED]:~$ su > password: > [EMAIL PROTECTED]:~# /etc/init.d/ssh stop > [EMAIL PROTECTED]:~# /etc/init.d/ssh start > [EMAIL PROTECTED]:~# exit > [EMAIL PROTECTED]:~$ > </wrong> > > The ssh-deamon inherits your PAG (process authentication group). It can be > avoided by using 'unpagsh' before running the ssh-daemon: Sure, I've restarted ssh. Hmm. Is unpagsh replacable by pagsh? I've no unpagsh on my system here... Cheers, Cajus _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
