Hi Douglas, >Sounds like gdm and X11 are trying to access your home directory >before having a token.
hmmm.. I see what you mean one thing though on other machines (afs-clients) I don't seem to have that problem. >If your pam_krb5 has a force_cred and/or force_token option, you >may want to use it to get the tickets and token early during the auth, >rather then session or store creds parts of PAM. ok.. but I don't use pam_krb5 in pam. >As a test, change the acls on the home directory to allow access >without a token from the test machine. that's an idea, let me check that RIGHT now... (tried a junk account) same things happens...but look at this: Oct 31 14:06:43 oort gdm(pam_unix)[67778]: session opened for user jeepdude by (uid=0) Oct 31 14:06:43 oort gdm[67778]: gdm_slave_session_start: /home/jeepdude is writable by group. Oct 31 14:06:43 oort gdm[67778]: gdm_auth_user_add: /home/jeepdude is writable by group. Oct 31 14:06:43 oort gdm[67778]: gdm_auth_user_add: Could not open cookie file /tmp/.gdm9W5qvG Oct 31 14:06:43 oort gdm[67778]: Tried wiping some old user session errors files to make disk space and will try adding user auth files again Oct 31 14:06:43 oort gdm[67778]: gdm_auth_user_add: /home/jeepdude is writable by group. Oct 31 14:06:43 oort gdm[67778]: gdm_auth_user_add: Could not open cookie file /tmp/.gdm5jAtPM Oct 31 14:06:53 oort gdm(pam_unix)[67778]: session closed for user jeepdude Oct 31 14:07:33 oort kernel: reop_import_path: no such path: /afs/csc.depauw.edu/home/jeepdude > and... on this machine a gdm login with root works. >The root home is not in AFS, so you don't need the token early. I know, but gdm works with "local" accounts.. I meant to say it is not the case that gdm doesn't work at all. thanks, Ron _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
