On Mon, 19 Dec 2011 13:00:24 -0500 Dave Botsch <[email protected]> wrote:
> Dec 19 10:19:57 tmp29 authorizationhost[35432]: > pam_afs_session(authorization): aklog program /usr/bin/aklog returned 4 4 is AKLOG_KERBEROS, indicating something Kerberos-related is the issue. aklog only says specifically what went wrong by spitting messages to stderr, though, which pam_afs_session directs to /dev/null. You could see what aklog is complaining about by specifying some aklog wrapper to redirect stderr... maybe something like: #!/bin/sh tmp=`TMPDIR=/tmp mktemp` klist -f >"$tmp" 2>&1 exec /usr/bin/aklog "$@" 2>>"$tmp" chmod a+x /path/to/wrapper, and then specify 'pam_afs_session.so program=/path/to/wrapper' and see what shows up in /tmp/. I assume aklog just can't find the appropriate ccache or maybe it's something with the weak_crypto option or something, but it's good to see what's going on. -- Andrew Deason [email protected] _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
