Russ Allbery wrote:
Douglas E Engert <[EMAIL PROTECTED]> writes:
OK, so it looks like a no problem with the pam_openafs_session.so
deleting the token.
What is really needed is a pam_* that just gets a PAG.
pam-afs-session does this when there is no Kerberos ticket.
Then why was he having problems in the first place?
It appeared that his problewm was not being in a PAG problem.
and his pam.d configuration implied pam_openafs_session was being called.
You had said:
pam_openafs_session will blow away tokens acquired by cron jobs when the
PAM session for the cron job closes.
You have a few options. One is that you could use k5start inside your
cron job, since it creates a new PAG and then runs the command with
tickets and tokens inside that PAG.
If so and the two jobs are in different PAGs, it should not
have caused his problem. Only if they are not in a PAG
would this be a problem.
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info
