[14470] in Kerberos
Re: KRB5 daemon problems
daemon@ATHENA.MIT.EDU (Sam Hartman)
Thu May 24 09:32:45 2001
To: Donn Cave <donn@u.washington.edu>
Cc: kerberos@MIT.EDU
From: Sam Hartman <hartmans@MIT.EDU>
Date: 24 May 2001 09:27:55 -0400
In-Reply-To: Donn Cave's message of "21 May 2001 18:41:43 GMT"
Message-ID: <tsld78ylvvo.fsf@sweet-transvestite.mit.edu>
>>>>> "Donn" == Donn Cave <donn@u.washington.edu> writes:
Donn> Quoth Dan Million <lio@ornl.gov>: | While working another
Donn> issue, Tom Yu told me that login.krb5 | was supposed to set
Donn> the correct file permissions on forwarded | credentials. I
Donn> modified my remote host to use login.krb5, | and whaddaya
Donn> know, it also got rid of the "eof=^A" problem. | | This is
Donn> on an AIX system, and at some point in the past, I | thought
Donn> the prevailing wisdom was, "login.krb5 doesn't work | well
Donn> on AIX, so symlink it to /usr/bin/login." And that's | what
Donn> I've been doing ever since. Has that caveat gone away? |
Donn> Is anyone else out there even using AIX? Hello? [Insert |
Donn> sound of crickets chirping here...]
Donn> We have AIX here. I have never tried /usr/bin/login, but
Donn> would have been very surprised if it handled Kerberos
Donn> credentials properly. As far as I know, there never has
Donn> been any such caveat. There have been times when login.krb5
Donn> isn't 100% out of the box on AIX, but what is?
I ran into this problem at my past job and believe I had a work
around. Apparently I didn't commit it to the MIT tree. Unfortunately
I no longer have access to those changes so I'm not sure what the problem ended up being.
It would be useful if someone built a debugging login.krb5 and klogind
and looked at what it was doing when it was locked up.
