Solaris pam_krb5 session cleanup

dkuhl dkuhl at paritysys.net
Fri Sep 24 10:03:12 EDT 2004


	Not sure about S9 in particular, but in Linux you normally modify the 
/etc/login.defs file.  The value is "CLOSE_SESSIONS".

   Here's the relevent part of the file:
#
# Enable pam_close_session() calling. When using normal (pam_unix.so)
# session handling modules, this is not needed. However with modules
# (such as kerberos or other persistent session models), login and su
# need to fork and wait for the shell to exit so that sessions can be
# cleaned up.
#
CLOSE_SESSIONS yes

	Of course, for all I know S9 doesn't have this file, but it should have 
something analogous.

D.

David Kuhl
Parity Systems
dkuhl at paritysys.com
-----------------------



Henry B. Hotz wrote:
> The pam_krb5 session module is supposed to clean up your credentials on  
> logout (if you are the last logout for that session).
> 
> I had a Solaris 9 machine which did that.  Now I have a different S9  
> machine which doesn't.  Any suggestions for what to look for?
> ------------------------------------------------------------------------ 
> ----
> The opinions expressed in this message are mine,
> not those of Caltech, JPL, NASA, or the US Government.
> Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu
> 
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos


More information about the Kerberos mailing list