Gentoo Archives: gentoo-admin

From: Brady Catherman <bradyc@××××××.edu>
To: gentoo-admin@l.g.o
Subject: [gentoo-admin] pam.d and Kerberos
Date: Wed, 24 May 2006 21:11:06
Message-Id: F81B756B-F4A1-47A8-90C4-2E79E32C7749@uidaho.edu
1 Has anybody been able to get the pam_krb5 module to actually issue
2 tickets on login?
3
4 I have modified my system-auth every which way from Sunday but I
5 can't get tickets authorized at all on my 2006.0 system. My ultimate
6 goal is to get the AFS tickets issued so users home directories are
7 mounted when the login in. I can use kinit / aklog right now and get
8 tickets but it still will not issue tickets on login.
9
10 Here is my current system-auth. does anybody have suggestions or an
11 example of a known working system-auth file?
12
13 #%PAM-1.0
14
15 auth required pam_env.so
16 auth sufficient pam_unix.so likeauth nullok
17 auth sufficient pam_krb5.so try_first_pass forwardable
18 #auth sufficient pam_afs.so.1 use_first_pass ignore_root
19 #auth sufficient pam_ldap.so try_first_pass
20 auth required pam_deny.so
21
22 account required pam_unix.so
23 #account sufficient pam_afs.so.1 try_first_pass ignore_root
24 account sufficient pam_krb5.so
25 #account sufficient pam_ldap.so
26 account sufficient pam_localuser.so
27
28 password required pam_cracklib.so difok=2 minlen=8 dcredit=2
29 ocredit=2 retry=3
30 password sufficient pam_unix.so nullok md5 shadow use_authtok
31 password sufficient pam_krb5.so try_first_pass use_authtok debug
32 #password sufficient pam_ldap.so use_authtok use_first_pass
33 password required pam_deny.so
34
35 session required pam_limits.so
36 session required pam_unix.so
37 #session sufficient pam_afs_krb5.so.1
38 #session sufficient pam_afs.so.1
39 session optional pam_krb5.so debug
40
41
42 Thanks for any help you can offer! =)
43
44 --
45 gentoo-admin@g.o mailing list