More fun with Russ' pam_krb5

Russ Allbery rra at stanford.edu
Tue Mar 11 21:30:59 EDT 2008


Coy Hile <coy.hile at coyhile.com> writes:

> Ok, that's strange.  I just logged back out of my desktop session and back
> in, and I get the following:
>
> [21:18:20]ganymede:~ % echo $KRB5CCNAME
> /tmp/krb5cc_1000_tOaidT
> [21:18:27]ganymede:~ %
>
> which jives with what's in syslog:
>
> Mar 11 21:18:10 ganymede dtlogin[23065]: [ID 584047 user.debug] (pam_krb5): hile: <unknown>: entry (0x1)
> Mar 11 21:18:10 ganymede dtlogin[23065]: [ID 584047 user.debug] (pam_krb5): hile: initializing ticket cache /tmp/krb5cc_1000_tOaidT
> Mar 11 21:18:10 ganymede dtlogin[23065]: [ID 584047 user.debug] (pam_krb5): hile: <unknown>: exit (success)
>
> After locking and unlocking the screen, I see the same behaviour again:
>
> [21:20:44]ganymede:~ % klist
> klist: No credentials cache file found (ticket cache FILE:/tmp/krb5cc_1000_tOaidT)

What destroyed your ticket cache?  Why don't you still have the one that
was created during initial login?

> [21:20:49]ganymede:~ % echo $KRB5CCNAME
> /tmp/krb5cc_1000_tOaidT
> [21:20:56]ganymede:~ %
>
> and syslog shows pam_krb5 defaulting to the default ccache.
>
> I haven't stepped through the code enough to know what else I can do to
> debug this more.  Any help you can give is appreciated.

When is xscreensaver started, and how?  Was KRB5CCNAME already set when it
was started?

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>



More information about the Kerberos mailing list