Hi list,
For quite some time I have tried to debug a script running from a
cronjob but I just cannot find my error.
* The short version *
I have a keytab which is used from my cronscript. The script is executed
every 5 minutes and has a local non-AFS lockfile to prevent multiple
scripts working
Greetings,
While poking around to figure out how to get the afsd daemon with the
-verbose and -debug flags to log someplace useful (*grumbles at
initlog*) I discovered a neat kernel panic. With AFS already running
typing afsd -debug as root results in a kernel panic and a frozen
machine. I have
Jacob Volstrup wrote:
Hi list,
For quite some time I have tried to debug a script running from a
cronjob but I just cannot find my error.
* The short version *
I have a keytab which is used from my cronscript. The script is executed
every 5 minutes and has a local non-AFS lockfile to prevent
Perhaps this is usefull for somebody, i compiled and works smootly
Openafs 1.5.14 with kernel 2.6.20 in Suse 10.1.
Bye
Walter Lamagna
___
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
tor, 15 02 2007 kl. 09:34 -0600, skrev Douglas E. Engert:
* The short version *
I have a keytab which is used from my cronscript. The script is executed
every 5 minutes and has a local non-AFS lockfile to prevent multiple
scripts working on data at the same time.
For convenience we call
* Jacob Volstrup [2007-02-15 17:02:49 +0100]:
Now I just have to find out how to let each cronjob run in their very
own environment. I have been looking at my pam configuration but cannot
seem to find any errors or solutions. Maybe I need another option in my
pam configuration?
I don't think
Jacob Volstrup [EMAIL PROTECTED] writes:
With klist I got the information needed to find out that a new cronjob
is running within the same environment as the previous cronjob (as my
suspicion was telling me). This kind of explains why the token does not
remain for the first occurrence of the
Sergio Gelato [EMAIL PROTECTED] writes:
I like Heimdal kinit for this. From the man page:
If a command is given, kinit will setup new credentials caches,
and AFS PAG, and then run the given command. When it finishes the
credentials will be removed.
Available in Ubuntu
Is there any good reason(s) for NOT deploying a
Kerberos REALM name that is different from the
AFS cell name. When we move to a K5 server I may
have to use a different REALM name on the db/file servers.
I want to be sure this will not be a problem in the future.
I have tested different
John W. Sopko Jr. wrote:
Is there any good reason(s) for NOT deploying a
Kerberos REALM name that is different from the
AFS cell name. When we move to a K5 server I may
have to use a different REALM name on the db/file servers.
I want to be sure this will not be a problem in the future.
I
You mean like say a krb5 realm named ATHENA.MIT.EDU supporting a cell
named sipb.mit.edu? Sure. Go nuts.
On Thu, 15 Feb 2007, John W. Sopko Jr. wrote:
Is there any good reason(s) for NOT deploying a
Kerberos REALM name that is different from the
AFS cell name. When we move to a K5 server I
I have a machine running openafs 1.4.2 on OpenSuSE 10.2 x86_64 that is
showing thousands of these messages.
Feb 14 16:56:41 ro kernel: afs_NewVCache: warning none freed, using 3600
of 3600
Feb 14 16:56:41 ro kernel: afs_NewVCache - none freed
These messages show up when a user is running a
Jeffrey Altman wrote:
John W. Sopko Jr. wrote:
Is there any good reason(s) for NOT deploying a
Kerberos REALM name that is different from the
AFS cell name. When we move to a K5 server I may
have to use a different REALM name on the db/file servers.
I want to be sure this will not be a
OK, so it looks like a no problem with the pam_openafs_session.so
deleting the token.
What is really needed is a pam_* that just gets a PAG. and maybe
a pam_krb5 that sets the KRB5CCNAME even without getting a ticket.
But in the mean time, you could change try changing your crontab entry
to
Douglas E Engert [EMAIL PROTECTED] writes:
OK, so it looks like a no problem with the pam_openafs_session.so
deleting the token.
What is really needed is a pam_* that just gets a PAG.
pam-afs-session does this when there is no Kerberos ticket.
--
Russ Allbery ([EMAIL PROTECTED])
Russ Allbery wrote:
Douglas E Engert [EMAIL PROTECTED] writes:
OK, so it looks like a no problem with the pam_openafs_session.so
deleting the token.
What is really needed is a pam_* that just gets a PAG.
pam-afs-session does this when there is no Kerberos ticket.
Then why was he
tor, 15 02 2007 kl. 14:52 -0600, Douglas E. Engert wrote:
But in the mean time, you could change try changing your crontab entry
to have: /usr/bin/pagsh -c consctipt-initialize.pl
i.e. run /usr/bin/pagsh that gets a PAG and then execs /bin/sh.
/bin/sh then runs your original the script is
Douglas E Engert [EMAIL PROTECTED] writes:
Russ Allbery wrote:
Douglas E Engert [EMAIL PROTECTED] writes:
OK, so it looks like a no problem with the pam_openafs_session.so
deleting the token.
What is really needed is a pam_* that just gets a PAG.
pam-afs-session does this when there is no
OK, sorry, about that good to see that pam_afs-session does what I
was asking about.
Russ Allbery wrote:
Douglas E Engert [EMAIL PROTECTED] writes:
Russ Allbery wrote:
Douglas E Engert [EMAIL PROTECTED] writes:
OK, so it looks like a no problem with the pam_openafs_session.so
deleting the
19 matches
Mail list logo