On Wed, Apr 04, 2007 at 06:07:46PM +0100, David Howells wrote: > Miles Davis <[EMAIL PROTECTED]> wrote: > > > Let me step back too, in case I'm on the wrong path. My symptom is > > that tokens are disappearing out from under users after a few minutes > > in a session. They're not expiring. Running "keyctl show" after ssh > > login shows that my keying is uid 0, but I don't know why. > > Can you run "keyctl show" immediately after you log in? > > > Session Keyring > > -3 --alswrv 0 0 keyring: _uid_ses.0 > > 2 --alswrv 0 0 \_ keyring: _uid.0 > > 29391168 ----s--v 0 0 \_ afs_pag: _pag
That was an example of it. I've since replaced my sshd_config & sshd pam config with the default, which I think I had changed dozens of times in the past week trying to eliminate imap problems, and the problem was the missing pam_keyinit.so line: session optional pam_keyinit.so force revoke sticking that back in pam.d/sshd seems to solve it. Not sure if that will also solve my imap problem, since I think that was in there already, but I'll keep testing. Thanks for the point in the right direction. -- // Miles Davis - [EMAIL PROTECTED] - http://www.cs.stanford.edu/~miles // Computer Science Department - Computer Facilities // Stanford University _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
