[krbdev.mit.edu #5870] ksu bugs
Amir Saad via RT
rt-comment at krbdev.mit.edu
Tue Jan 8 11:37:54 EST 2008
I installed Kerberos 5 and NFS4 on a Debian 4 server. I can successfully login and I can see my home directory mounted but when I use ksu, I can't find my home directory mounted at all, I always get permission denied. I checked the log and I found that it searches for any cache that is readable by the target user and since all caches are readable only by root or source user, it fails. I tried to use different options but none worked. Also, each time I try the -D, I get an error. Here is my log:
Jan 8 14:53:49 machine1 rpc.gssd[19083]: CC file 'krb5cc_0' being considered
Jan 8 14:53:49 machine1 rpc.gssd[19083]: CC file 'krb5cc_1001.1' being considered
Jan 8 14:53:49 machine1 rpc.gssd[19083]: CC file 'krb5cc_1001.2' being considered
Jan 8 14:53:49 machine1 rpc.gssd[19083]: CC file 'krb5cc_1002_zqlnA21909' being considered
Jan 8 14:53:49 machine1 rpc.gssd[19083]: CC file 'krb5cc_machine_REALM' being considered
Jan 8 14:53:49 machine1 rpc.gssd[19083]: using FILE:/tmp/krb5cc_1001 as credentials cache for client with uid 1001 for server nfs-server-machine
Jan 8 10:23:30 machine1 rpc.gssd[17142]: ERROR: GSS-API: error in
gss_acquire_cred(): Miscellaneous failure - Unknown code krb5 195
Jan 8 10:23:30 machine1 rpc.gssd[17142]: WARNING: Failed to create krb5
context for user with uid 1001 for server nfs-server-machine
Jan 8 10:23:30 machine1 rpc.gssd[17142]: ERROR: GSS-API: error in
gss_acquire_cred(): Miscellaneous failure - Unknown code krb5 195
Jan 8 10:23:30 machine1 rpc.gssd[17142]: WARNING: Failed to create krb5
context for user with uid 1001 for server nfs-server-machine
I installed Kerberos and its packages (libpam, krb5-user,....) using apt-get.
When I issue the command: ksu user2 -n user2 -D, I get the following:
Usage: ksu [target user] [-n principal] [-c source cachename] [-k] [-D] [-r time] [-pf] [-l lifetime] [-zZ] [-q] [-e command [args... ] ] [-a [args... ] ]
Thank you
Amir
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
More information about the krb5-bugs
mailing list