[OpenAFS] OpenAFS on FC6 (OpenAFS, LDAP, SSH, gdm afs tokens etc etc...)

[Ron Croonenberg]

Ok,   I did receive a few msgs from people that had issues with AFS 
tokens after login with SSH and gdm(remote) too.

Here is what I figured out.
Some of the pam "config" files in /etc/pam.d  contain lines like:

session        optional     pam_keyinit.so force revoke

From what I found is that the force parameter causes the afs token to 
disappear (soon)after login. (I read somewhere that it is exactly what 
the "force" parameter is supposed to do.)

Anyway, simply changing:

session        optional     pam_keyinit.so force revoke     to: 
     session        optional     pam_keyinit.so revoke

makes the OpenAFS client work again (at least for me it does) for those 
of us that can't move to kerberos yet and are "stuck" with the "klog 
thing". (Also a newer kernel than 2798 on FC6 helps too, also with some 
other issues. I wonder if that force parameter doesn't do the same thing 
with kerberos tickets)

Anyway, I don't know if it is all that elegant etc..  but this makes it 
work for me for now.


Ron




Simon Wilkinson wrote:

On 5 Sep 2007, at 17:53, Ron Croonenberg wrote:

Is that just a typo ?  or am I trying to build the 1.4.3 rpms ?

No - that's correct. 1.4.4 was made with a patch from the 1.4.3 tarball 
(it was a security release)

building the rpms breaks btw:

/usr/src/redhat/BUILD/openafs-1.4.3/src/libafs/MODLOAD-2.6.22.4-45.fc6-SP/rx_kmutex.c:125: 
error: 'struct task_struct' has no member named 'thread_info'

You need some additional patches. There should be a -3 release SRPM on 
the openafs.org website which contains them, and which has been used to 
build the recent FC6 kernel RPMS - there should also be RPMs available 
for the -45 kernel shortly.

Cheers,

Simon.


--
=================================================================
 It's is not, it isn't ain't, and it's it's, not its, if you mean
 it is. If you don't, it's its. Then too, it's hers. It isn't
 her's. It isn't our's either. It's ours, and likewise yours and
 theirs.
                                              -- Oxford Uni Press
=================================================================
 Ron Croonenberg                   |
                                   | Phone: 1 765 658 4761
 Lab Instructor &                  | Fax:   1 765 658 4732
         Technology Coordinator    |
                                   |
 Department of Computer Science    | e-mail: [EMAIL PROTECTED]
 DePauw University                 |
 275 Julian Science & Math Center  |
 602 South College Ave.            |
 Greencastle, IN  46135            |
=================================================================
 http://www.csc.depauw.edu/RonCroonenberg.html
=================================================================
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info