> Is pam_keyinit in the stack? In RHEL5, you'll probably be using > keyring based PAGs, which require that the user's keyring not be > reinitialised after they've been set up. The pam_keyinit module > deletes any keys that may exist in the user's environment, so if it's > run before pam_afs you lose.
It is and removing it solves the problem, both with gdm logins and ssh remote logins to the box. Thank you. > There _may_ also be problems if pam_afs uses the 'change the PAG of > my parent' feature of setpag. That's known not to work properly in > recent Linux kernels - see (Link missing?) > But, seriously, pam_afs? When are you going to stop hurting yourself? You don't want to know. -- Atro Tossavainen (Mr.) / The Institute of Biotechnology at Systems Analyst, Techno-Amish & / the University of Helsinki, Finland, +358-9-19158939 UNIX Dinosaur / employs me, but my opinions are my own. < URL : http : / / www . helsinki . fi / %7E atossava / > NO FILE ATTACHMENTS _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
