More fun with Russ' pam_krb5
Coy Hile
coy.hile at coyhile.com
Tue Mar 11 21:24:01 EDT 2008
On Tue, 11 Mar 2008, Russ Allbery wrote:
>
> If you track down why KRB5CCNAME isn't being set properly to point to your
> current ticket cache before spawning xscreensaver, that will fix the rest
> of the problem, I think.
>
>
Ok, that's strange. I just logged back out of my desktop session and back
in, and I get the following:
[21:18:20]ganymede:~ % echo $KRB5CCNAME
/tmp/krb5cc_1000_tOaidT
[21:18:27]ganymede:~ %
which jives with what's in syslog:
Mar 11 21:18:10 ganymede dtlogin[23065]: [ID 584047 user.debug] (pam_krb5): hile: <unknown>: entry (0x1)
Mar 11 21:18:10 ganymede dtlogin[23065]: [ID 584047 user.debug] (pam_krb5): hile: initializing ticket cache /tmp/krb5cc_1000_tOaidT
Mar 11 21:18:10 ganymede dtlogin[23065]: [ID 584047 user.debug] (pam_krb5): hile: <unknown>: exit (success)
After locking and unlocking the screen, I see the same behaviour again:
[21:20:44]ganymede:~ % klist
klist: No credentials cache file found (ticket cache FILE:/tmp/krb5cc_1000_tOaidT)
[21:20:49]ganymede:~ % echo $KRB5CCNAME
/tmp/krb5cc_1000_tOaidT
[21:20:56]ganymede:~ %
and syslog shows pam_krb5 defaulting to the default ccache.
I haven't stepped through the code enough to know what else I can do to debug
this more. Any help you can give is appreciated.
--
Coy Hile
coy.hile at coyhile.com
"Unarmed combat is what we enter into when we have been foolish enough
not to have a weapon; careless enough to lose our weapon, or unlucky
enough to have broken our weapon"
More information about the Kerberos
mailing list