[951] in arla-drinkers

home help back first fref pref prev next nref lref last post

PAM and arla

daemon@ATHENA.MIT.EDU (Charles Karney)
Wed Jul 7 22:53:18 1999

From owner-arla-drinkers@stacken.kth.se Thu Jul 08 02:53:17 1999
Return-Path: <owner-arla-drinkers@stacken.kth.se>
Delivered-To: arla-drinkers-mtg@bloom-picayune.mit.edu
Received: (qmail 1540 invoked from network); 8 Jul 1999 02:53:16 -0000
Received: from unknown (HELO sundance.stacken.kth.se) (130.237.234.41)
  by bloom-picayune.mit.edu with SMTP; 8 Jul 1999 02:53:16 -0000
Received: (from majordom@localhost)
	by sundance.stacken.kth.se (8.8.8/8.8.8) id EAA02374
	for arla-drinkers-list; Thu, 8 Jul 1999 04:46:58 +0200 (MET DST)
Received: from pppl.gov (root@mailserver.pppl.gov [192.55.106.129])
	by sundance.stacken.kth.se (8.8.8/8.8.8) with ESMTP id EAA02370
	for <arla-drinkers@stacken.kth.se>; Thu, 8 Jul 1999 04:46:47 +0200 (MET DST)
Received: from orion.pppl.gov (IDENT:karney@orion.pppl.gov [198.35.4.73])
	by pppl.gov (8.9.2/8.9.2) with ESMTP id WAA08592;
	Wed, 7 Jul 1999 22:46:36 -0400 (EDT)
Received: (from karney@localhost)
	by orion.pppl.gov (8.9.2/8.9.2) id WAA24120;
	Wed, 7 Jul 1999 22:46:36 -0400 (EDT)
From: Charles Karney <karney@pppl.gov>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <14212.4364.255177.862445@orion.pppl.gov>
Date: Wed, 7 Jul 1999 22:46:36 -0400 (EDT)
To: arla-drinkers@stacken.kth.se, kth-krb-bugs@nada.kth.se
CC: schaefer@Uni-Hohenheim.DE
Subject: PAM and arla
X-Mailer: VM 6.67 under Emacs 19.34.1
Reply-To: karney@princeton.edu
Sender: owner-arla-drinkers@stacken.kth.se
Precedence: bulk

I have been using the MIT version of AFS for Linux (2.0.x) with Tobias
Schaefer's pam_linux_afs module for authentication + tokens.  This invokes
the klog command to do the authentication and the whole package works fine

Recently, I've installed arla (0.25) and kth-krb (0.9.9) and would like to
get AFS tokens automatically.  I tried specifying

    klog_program /usr/athena/bin/kauth

to pam_linux_afs (i.e., the kth-krb kauth program).  However this bombs
because pam_linux_afs tries to invoke it as

    /usr/athena/bin/kauth karney -silent -pipe

with the -pipe indicating that the password is delivered via stdin.  I
could hack together a script to run kauth via expect, but I wonder if
anyone has a neater solution.

-- 
Charles Karney
Plasma Physics Laboratory	  E-mail:  Karney@Princeton.EDU
Princeton University		  Phone:   +1 609 243 2607
Princeton, NJ 08543-0451	  FAX:	   +1 609 243 3438

home help back first fref pref prev next nref lref last post