[615] in Info-AFS_Redistribution
X11R5 xdm problems - missing or stolen tokens
daemon@ATHENA.MIT.EDU (Rob MacKinnon)
Fri Feb 14 13:54:42 1992
From: Rob MacKinnon <robmack@bsc.no>
To: info-afs@transarc.com (Info AFS Mailing List)
Date: Fri, 14 Feb 92 18:11:48 MET
We recently began a test to use xdm to manage our RT-AOS and RISC/6000
machines on our AFS cell. We run AFS 3.1a both on the servers and on
the clients. Users on the RISC/6000s who login from Xstations or from
the RISC consoles experience
1) no AFS token when first logged in. They are required to klog (even
though the xdm code does a ka_UserAuthenticateLife().
2) when one user klogs on a RISC, another user logged in on the same
machine via xdm will have his/her tokens changed to the first user's
tokens.
As a result, we've stopped the test until the problem can be located and
repaired. I understand that this problem has been seen recently by other
AFS sites but, since I have only just begun subscribing to this mailing
list, I haven't seen the previous discussion.
The code I used to modify verify.c in xdm was taken from login.c in the
AFS source. The options to ka_UserAuthenticateLife() will allow a setpag()
call to establish a new PAG for the logging in user. The Kerberos
authentication process works and yet the user is not issued tokens after
login (problem 1). Are my problems related to AFS on the RISC/6000
(I should mention that the RTs don't seem to experience this problem) or
is there something I have neglected to do in verify.c in xdm?
--
Hilsen
Robert MacKinnon, UNIX Support, Bergen Scientific Centre
Thormoehlensgate 55, N-5008, Bergen, NORWAY
Phone: +47-5-544618 | BITNET/VNET: robmack at nobscvm
FAX : +47-5-960115 | Internet/Email: robmack@bsc.no
~