Meant to post here as well... --- On Mon, 3/29/10, [email protected] <[email protected]> wrote:
> From: [email protected] <[email protected]> > Subject: Re: significant delay for afs user to login as root via su > To: "Andrew Deason" <[email protected]> > Date: Monday, March 29, 2010, 12:36 PM > Thanks for the follow up. I was > about to implement that suggestion, but I just discovered > I'm having some problems with logins. I'm seeing this > in my /var/log/messages: > > Mar 29 12:41:56 aerogold pulseaudio[2484]: core-util.c: > Failed to symlink > /afs/nd.edu/user12/ematlis/.pulse/f2823c772656aa9192bdc8574b58d8da-runtime.tmp > to /tmp/pulse-3kMM0lVbHDR3: Permission denied > Mar 29 12:41:56 aerogold pulseaudio[2484]: core-util.c: > Failed to symlink > /afs/nd.edu/user12/ematlis/.pulse/f2823c772656aa9192bdc8574b58d8da-runtime.tmp: > Permission denied > Mar 29 12:41:56 aerogold pulseaudio[2484]: > lock-autospawn.c: Cannot access autospawn lock. > Mar 29 12:41:56 aerogold pulseaudio[2484]: main.c: Failed > to acquire autospawn lock > Mar 29 12:42:01 aerogold pulseaudio[2501]: core-util.c: > Failed to symlink > /afs/nd.edu/user12/ematlis/.pulse/f2823c772656aa9192bdc8574b58d8da-runtime.tmp > to /tmp/pulse-eF6yrRvV9p8V: Permission denied > Mar 29 12:42:01 aerogold pulseaudio[2501]: core-util.c: > Failed to symlink > /afs/nd.edu/user12/ematlis/.pulse/f2823c772656aa9192bdc8574b58d8da-runtime.tmp: > Permission denied > Mar 29 12:42:01 aerogold pulseaudio[2501]: > lock-autospawn.c: Cannot access autospawn lock. > Mar 29 12:42:01 aerogold pulseaudio[2501]: main.c: Failed > to acquire autospawn lock > Mar 29 12:42:06 aerogold gnome-session[2365]: WARNING: > Application 'metacity.desktop' failed to register before > timeout > Mar 29 12:42:06 aerogold pulseaudio[2507]: core-util.c: > Failed to symlink > /afs/nd.edu/user12/ematlis/.pulse/f2823c772656aa9192bdc8574b58d8da-runtime.tmp > to /tmp/pulse-SMCaIeskt4fs: Permission denied > Mar 29 12:42:06 aerogold pulseaudio[2507]: core-util.c: > Failed to symlink > /afs/nd.edu/user12/ematlis/.pulse/f2823c772656aa9192bdc8574b58d8da-runtime.tmp: > Permission denied > Mar 29 12:42:06 aerogold pulseaudio[2507]: > lock-autospawn.c: Cannot access autospawn lock. > Mar 29 12:42:06 aerogold pulseaudio[2507]: main.c: Failed > to acquire autospawn lock > Mar 29 12:42:11 aerogold acpid: client 2197[0:0] has > disconnected > Mar 29 12:42:11 aerogold acpid: client connected from > 2197[0:0] > Mar 29 12:42:11 aerogold acpid: 1 client rule loaded > Mar 29 12:42:30 aerogold gnome-session[2365]: WARNING: > Unable to query client: Client is not registered > Mar 29 12:42:30 aerogold gnome-session[2365]: WARNING: > Unable to query client: Client is not registered > Mar 29 12:42:30 aerogold gnome-session[2365]: WARNING: > Unable to query client: Client is not registered > Mar 29 12:42:30 aerogold gnome-session[2365]: WARNING: > Unable to query client: Client is not registered > Mar 29 12:42:30 aerogold gnome-session[2365]: WARNING: > Unable to query client: Client is not registered > Mar 29 12:42:30 aerogold gnome-session[2365]: WARNING: > Unable to query client: Client is not registered > Mar 29 12:42:30 aerogold gnome-session[2365]: WARNING: > Unable to stop client: Client is not registered > Mar 29 12:42:30 aerogold gnome-session[2365]: WARNING: > Unable to stop client: Client is not registered > Mar 29 12:42:30 aerogold gnome-session[2365]: WARNING: > Unable to stop client: Client is not registered > > > This is happening with any user that logs in. It's > taking for ever for their log in process to complete as a > result. > > When I do log in from the console, that is to say from in > front of the machine, I get an error dialog window which > pops up saying roughly that it couldn't modify .ICEauthority > in my home directory, even though I have rw > priviledges. Help! > > Any thoughts? > > thanks, > eric > > --- On Mon, 3/29/10, Andrew Deason <[email protected]> > wrote: > > > From: Andrew Deason <[email protected]> > > Subject: Re: significant delay for afs user to login > as root via su > > To: [email protected] > > Date: Monday, March 29, 2010, 10:24 AM > > On Thu, 18 Mar 2010 13:09:23 -0700 > > (PDT) > > [email protected] > > wrote: > > > > > Right, I agree with you. > > > > > > I guess my original concern was that the su delay > was > > symptomatic of > > > some larger problem with my AFS or PAM setup. > > But if it's really only > > > going to happen in the narrow set of > circumstances > > I've outlined, then > > > it's not a critical issue; it's not like many of > the > > AFS accounts will > > > have su access anyway. > > > > (This thread is a bit old; sorry, fell of my radar) > > > > If you're fine with that, that's fine, but just so > you > > know, there are > > potential other problems with having .Xauthority in > AFS. > > That is, it's a > > good idea to force it into /tmp or /var/tmp or > /var/run > > regardless. > > > > You may experience less performance just in general > for > > launching X > > apps. It can also mess stuff up if you try to use X > from > > more than one > > machine at once (and both machines have your home dir > in > > AFS), and it > > can be really insecure. If you have .Xauthority in > your AFS > > home > > directory, anyone with 'r' permissions on your home > dir can > > mess with > > your X display. > > > > So it may be worthwhile to fix anyway. I think Booker > > Bense's suggestion > > here: > > <http://lists.openafs.org/pipermail/openafs-info/2010-March/033273.html> > > is probably the easiest way to fix this for everyone > on the > > machine. You > > just need to add that line he mentions to > > /etc/security/pam_env.conf; I > > think that should be all you need to do, but I don't > mind > > assisting if > > that doesn't work. > > > > -- > > Andrew Deason > > [email protected] > > > > > > _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
