On Sun, 2009-11-15 at 08:22 -0500, Brian J. Murrell wrote:
> On Wed, 2009-11-11 at 19:03 -0500, Simo Sorce wrote:
> >
> > I have tested this yesterday (with git master), if you set FILE:%
> > d/krb5cc_%U sssd will happily refresh the crdentials at screen unlock.
>
> Ahhh. ~light bulb goes on~
On Wed, 2009-11-11 at 19:03 -0500, Simo Sorce wrote:
>
> I have tested this yesterday (with git master), if you set FILE:%
> d/krb5cc_%U sssd will happily refresh the crdentials at screen unlock.
Ahhh. ~light bulb goes on~ I am finally coming around to what you are
saying. Wow. It's even mor
On Wed, 2009-11-11 at 17:27 -0500, Brian J. Murrell wrote:
> > If
> > you want to renew the TGT with every authentication you have to use
> a
> > per-user unique ccache file, e.g. FILE:%d/krb5cc_%U.
>
> I don't think so. I think even a per-login-session ccache file that
> will be created by a gno
On Wed, 2009-11-11 at 09:35 +0100, Sumit Bose wrote:
>
> ah, sorry, I misinterpreted your original post. I thought a ccache file
> wasn't created at all when using gnome-screensaver.
No, you didn't mis-interpret I don't think. Here's what happened:
1. Logged into gnome, got a ccache file
On Wed, 2009-11-11 at 09:35 +0100, Sumit Bose wrote:
> On Tue, Nov 10, 2009 at 11:36:45PM -0500, Brian J. Murrell wrote:
> > On Mon, 2009-11-09 at 21:19 +0100, Sumit Bose wrote:
> > >
> > > Does this mean you are still seeing [Credentials cache I/O operation
> > > failed XXX] in krb5_child.log?
>
On Tue, Nov 10, 2009 at 11:36:45PM -0500, Brian J. Murrell wrote:
> On Mon, 2009-11-09 at 21:19 +0100, Sumit Bose wrote:
> >
> > Does this mean you are still seeing [Credentials cache I/O operation
> > failed XXX] in krb5_child.log?
>
> No. I am seeing nothing new at all in the krb5_child.log w
On Mon, 2009-11-09 at 21:19 +0100, Sumit Bose wrote:
>
> Does this mean you are still seeing [Credentials cache I/O operation
> failed XXX] in krb5_child.log?
No. I am seeing nothing new at all in the krb5_child.log when
authentications happen.
> this indicates that everything is ok, please se
On Mon, Nov 09, 2009 at 09:56:24AM -0500, Brian J. Murrell wrote:
> On Mon, 2009-11-09 at 15:47 +0100, Sumit Bose wrote:
> >
> > yes, can you send the log files for the gnome-screensaver case ?
>
> Sure. Nothing new in the krb5_child.log, however, sssd_pam.log:
Does this mean you are still see
On Mon, 2009-11-09 at 10:06 -0500, Stephen Gallagher wrote:
>
> Please also attach sssd_KRB5.log. That is more likely to have the
> relevant information.
Not at all I'm afraid.
The last timestamp I have in that file is 1257770543 and the last
timestamp of the gnome-screensaver use that I sent p
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/09/2009 09:56 AM, Brian J. Murrell wrote:
> On Mon, 2009-11-09 at 15:47 +0100, Sumit Bose wrote:
>>
>> yes, can you send the log files for the gnome-screensaver case ?
>
> Sure. Nothing new in the krb5_child.log, however, sssd_pam.log:
>
> (1
On Mon, 2009-11-09 at 15:47 +0100, Sumit Bose wrote:
>
> yes, can you send the log files for the gnome-screensaver case ?
Sure. Nothing new in the krb5_child.log, however, sssd_pam.log:
(1257778320) [sssd[pam]] [accept_fd_handler] (4): Client connected!
(1257778320) [sssd[pam]] [sss_cmd_get_ve
On Mon, Nov 09, 2009 at 09:29:44AM -0500, Brian J. Murrell wrote:
> On Mon, 2009-11-09 at 15:13 +0100, Sumit Bose wrote:
> >
> > This error indicates a short write.
>
> Ahhh. Now that is meaningful to me. :-)
>
> > Can you check if a ccache file is
> > create at all and if yes check the conte
On Mon, 2009-11-09 at 15:13 +0100, Sumit Bose wrote:
>
> This error indicates a short write.
Ahhh. Now that is meaningful to me. :-)
> Can you check if a ccache file is
> create at all and if yes check the content with klist?
I didn't realize it was the ccache it was complaining about and I
On Mon, 2009-11-09 at 07:58 -0500, Stephen Gallagher wrote:
> Hmm, this looks incorrect here. Why are we getting "child status[0]"
> and
> then "no child with pid [23777]"
>
> Sumit, do you have any ideas here?
I think that we have concurrent functions using waitpid() for children.
one in sig_cld
On Mon, Nov 09, 2009 at 08:48:19AM -0500, Brian J. Murrell wrote:
> On Mon, 2009-11-09 at 14:34 +0100, Sumit Bose wrote:
> >
> > Can you send krb5_child.log, too?
>
> Nothing too exciting:
>
> (1257770543) [[sssd[krb5_child[23777 [get_and_save_tgt] (1): 241:
> [-1765328191][Credentials cac
On Mon, 2009-11-09 at 14:34 +0100, Sumit Bose wrote:
>
> Can you send krb5_child.log, too?
Nothing too exciting:
(1257770543) [[sssd[krb5_child[23777 [get_and_save_tgt] (1): 241:
[-1765328191][Credentials cache I/O operation failed XXX]
(1257770543) [[sssd[krb5_child[23777 [tgt_req_chi
On Mon, Nov 09, 2009 at 07:52:43AM -0500, Brian J. Murrell wrote:
> On Mon, 2009-11-09 at 07:33 -0500, Stephen Gallagher wrote:
> > Brian, can you open a bug at https://fedorahosted.org
>
> I would but I can't make out the stupid captcha and there is no button
> to generate a new one! I really h
On Mon, 2009-11-09 at 07:58 -0500, Stephen Gallagher wrote:
>
> If you create an account at https://admin.fedoraproject.org/accounts you
> will not be required to validate the captcha.
That's what site (including the https) I am at. Anyway, I seem to have
found one I could actually read.
> Bri
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/09/2009 07:52 AM, Brian J. Murrell wrote:
> On Mon, 2009-11-09 at 07:33 -0500, Stephen Gallagher wrote:
>> Brian, can you open a bug at https://fedorahosted.org
>
> I would but I can't make out the stupid captcha and there is no button
> to gen
On Mon, 2009-11-09 at 07:33 -0500, Stephen Gallagher wrote:
> Brian, can you open a bug at https://fedorahosted.org
I would but I can't make out the stupid captcha and there is no button
to generate a new one! I really hate captchas you know. They are
getting to the point where nobody can read
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 11/08/2009 09:31 PM, Brian J. Murrell wrote:
> On Sat, 2009-11-07 at 20:02 -0500, Simo Sorce wrote:
>>
>> It should work, any chance you can check if this fails to work with
>> master as well ?
>
> Master fails in a completely different way:
>
>
On Sat, 2009-11-07 at 20:02 -0500, Simo Sorce wrote:
>
> It should work, any chance you can check if this fails to work with
> master as well ?
Master fails in a completely different way:
Nov 8 18:19:41 laptop login[17852]: pam_sss(login:auth): user info:
[Credentials cache I/O operation fail
On Sat, 2009-11-07 at 15:32 -0500, Brian J. Murrell wrote:
> I've got SSSD 0.7.1 installed on a laptop here for my wife. She
> authenticates with kerberos on that laptop via sssd.
>
> So, when she first logs in, sssd manages to get her a tgt and everything
> is good. However when gnome-screensav
I've got SSSD 0.7.1 installed on a laptop here for my wife. She
authenticates with kerberos on that laptop via sssd.
So, when she first logs in, sssd manages to get her a tgt and everything
is good. However when gnome-screensaver locks her screen and she uses
her (kerberos of course) password to
24 matches
Mail list logo
