We're moving a lot of our systems to Red Hat Enterprise Linux, and I've been working on getting AFS to behave the same way that it does on Solaris. I've found a strange behavior when I log into a box using Kerberos.
I've set it up to use pam_afs_session which I installed from the RHEL 6 EPEL repository. We're using the OpenAFS RPMs from openafs.org. When I log in and run tokens, I see this: sebby@jboss-temp0:~% tokens Tokens held by the Cache Manager: Tokens for [email protected] [Expires Nov 20 20:57] --End of list-- It does not list my UID, but I appear to have the right tokens - I can access protected directories, etc. If I run aklog again, it does the right thing: sebby@jboss-temp0:~% aklog sebby@jboss-temp0:~% tokens Tokens held by the Cache Manager: User's (AFS ID 13904) tokens for [email protected] [Expires Nov 20 20:57] --End of list-- Has anyone seen this behavior? We've got the following line in /etc/pam.d/common-auth (which is included by the various PAM files): session required pam_afs_session.so I tried adding program=/usr/bin/aklog but that seemed to make no difference. Since it's working this isn't critical, but I'm curious to know why it's doing it this way. Thanks, Brian -- Brian Sebby ([email protected]) | Infrastructure and Operation Services Phone: +1 630.252.9935 | Computing and Information Systems Fax: +1 630.252.4601 | Argonne National Laboratory _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
