Mike Dopheide wrote:
I don't believe this to be an OpenAFS issue, but I believe only AFS
users might have seen the symptom.
SunOS 5.8 (only)
OpenAFS 1.2.13 or Transarc
MIT Kerberos 1.3.6 or 1.4.3
OpenSSH 3.9p1 or 4.2p1
Building a new version of OpenSSH for 5.8 results in an sshd that ends
up sharing AFS tokens between users. The current running version on the
system (3.9p1) works just fine. Rebuilding that same version again
results in sharing AFS tokens.
Sounds like the sshd is not getting a PAG. You say you rebuilt it and it
now fails? Did you change the configure options or sshd_config options,
or did you loose the kafs lib?
What does the command:
ldd sshd
show for the working and none working versions of sshd?
Building the same on Solaris 5.7 or 5.9 works just fine. Unfortunately,
the 5.7/5.9 systems still have Transarc AFS (ack), but if I run the 5.7
binaries on the 5.8 system they still result in sharing tokens.
Conveniently, the same problem appears on 5.8 running Transarc.
The syscall used for AFS is not the same on all the Solaris systems.
5.7 uses 73, 5.8 and 5.9 use 65.
Logging into the 5.8 systems with kerberized telnet does not result in
shared tokens, only ssh. Has anyone seen this behavior? I don't care
so much about it getting fixed, I just want to know we're not alone.
You may be alone, as most people use PAM sessison routines to get the PAG
and the token.
-Mike
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
