Hmmm. That sounds reasonable. Any idea what settings I might want to
look at? So far I've left all the nss-ldap stuff on the default settings
Gentoo provides (minus adding ldap to the nsswitch.conf, of course).

    Thanks for the quick reply :)

    Tom


On Sat, Aug 30, 2008 at 11:40 AM, Brandon S. Allbery KF8NH <
[EMAIL PROTECTED]> wrote:

> On 2008 Aug 30, at 14:13, Tom Cocagne wrote:
>
>     I recently noticed a problem where all files in OpenAFS appear to be
> owned by the most recently added user. An "ls -l" in user A's home directory
> will show all files being owned by user B, immediately after creating user
> B's account and home directory. The AFS security isn't broken, all
> permissions appear to be enforced correctly, but normal unix utilities that
> check file ownership are complaining. The user IDs in the pts database are
> correct and each user has a unique user id. Also, if user A does a touch
> "~/test_file", a subsequent "ls -l" shows the file is (correctly) owned by A
> even though the rest appear as if they were owned by B. The problem persists
> through reboots of both the servers and clients and is present even on new
> client machines added to AFS after all the accounts are created.
>
>    Has anyone seen this problem before? I'm not really sure where to begin
> in tracking this down.
>
>    Brief system description:
>
>       Gentoo Linux
>       Kernel 2.6.24
>       OpenAFS 1.4.7
>       MIT Kerberos 5 authentication
>       User accounts stored in OpenLDAP
>
>
> I assume you're using LDAP for the nss switch?  This sounds like the LDAP
> nss handler is caching when it shouldn't.
>
> --
> brandon s. allbery [solaris,freebsd,perl,pugs,haskell] [EMAIL PROTECTED]
> system administrator [openafs,heimdal,too many hats] [EMAIL PROTECTED]
> electrical and computer engineering, carnegie mellon university    KF8NH
>
>
>
