On Mon, Nov 24, 2008 at 2:32 PM, Randy Kemp <[EMAIL PROTECTED]> wrote: > I'm running openafs 1.4.7 client on Ubuntu Intrepid. It's running on a > multi-user application server where all the users connect from thin > clients via SSH sessions, in other words LTSP 5. I'm using > pam_afs_session to get tokens at login. I'm having an intermittent > problem where users will sometimes log in and not get an AFS token.
Sure, I bet the GUI login stuff is happening in a different session and so you're setting tokens; the user (in a different session, or perhaps with a different uid if you have a kernel which for some reason meant PAGs got disabled) just can't have them. I don't see how this means aklog lies or the cache manager is discarding the tokens. > Since it's trying to load a graphical session, the users in effect can't > log in because their home directory can't be accessed. When this starts > happening for users it tends to occur for almost all users. Users that > are already logged in don't loose their tokes. Restarting the app. > server will fix it but sometimes it just resolves itself after a while. > If I have a user log in to a shell via SSH they can manually exec > 'aklog' and then it will work fine, even if they log out and back in. > Once it starts occurring, the users that are already logged in can > typically log out and back in and get their token without a problem but > if they exec 'unlog' before logging out the won't get a token when they > attempt to log back in. Sure. This sounds like no PAG, and when they aklog *their uid* as opposed to the one running kdm or whatever gets the tokens. Try 1.4.8. _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
