[OpenAFS] pam-afs-session on OS X Lion

Mon, 19 Dec 2011 10:01:04 -0800 

hi, all.

So, pam-afs-session doesn't seem to work on Lion, properly with:

OpenAFS 1.6.0-1-g54686 built  2011-09-02

So, I can get Kerberos tickets and run aklog to successfully get tokens
at the command prompt, and all works fine. However, if I try to get
tokens whilst logging in, I run into the following problem:

Dec 19 10:19:57 tmp29 authorizationhost[35432]:
pam_afs_session(authorization): pam_sm_setcred: entry (0x1)
Dec 19 10:19:57 tmp29 authorizationhost[35432]:
pam_afs_session(authorization): running /usr/bin/aklog as UID 502
Dec 19 10:19:57 tmp29 authorizationhost[35432]:
pam_afs_session(authorization): aklog program /usr/bin/aklog returned 4
Dec 19 10:19:57 tmp29 authorizationhost[35432]:
pam_afs_session(authorization): pam_sm_setcred: exit (success)

Note that I *do* get Kerberos tickets upon logging in from the built in
pam_krb5.

Here's my PAM config in /etc/pam.d/authorization :

# authorization: auth account
auth       optional       pam_krb5.so use_first_pass use_kcminit
default_principal
auth       optional       pam_ntlm.so use_first_pass
auth    optional        pam_afs_session.so nopag always_aklog debug
auth       required       pam_opendirectory.so use_first_pass nullok
account    required       pam_opendirectory.so
session optional        pam_afs_session.so nopag always_aklog debug

Thanks.



-- 
********************************
David William Botsch
Programmer/Analyst
CNF Computing
[email protected]
********************************
_______________________________________________
OpenAFS-info mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-info

Reply via email to