Hi Jason, i want to feedback that i found the issue in the past.
The problem was that not all subdirectories were set with the AFS apache username and rl permission because i was using "fs sa ...." instead "find .... -type d -exec fs sa .... ". So now it seems to work :-) thanks and regards, Andreas > Andreas, > > Try modifying your systemd unit file to add the "-t" parameter as follows: >> ExecStart=/usr/bin/k5start -o apache -K30 -t -f /etc/httpd.keytab >> httpd-principal-name -- /usr/sbin/httpd $OPTIONS -DFOREGROUND > > The "-t" option runs the aklog command to grab tokens. I don't use > this because my AFS folders are granted via IP ACLs and the kerberos > credentials are only used for accessing kerberized SMB shares. i already used the -t option. > > Sincerely, > Jason
smime.p7s
Description: S/MIME Cryptographic Signature
