(Illustration by Gaich Muramatsu)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ivan Popov wrote: | Hello Jason, | | |>| I did find pam_kcoda.so and downloaded and installed that tarball. I |>| set it up according to the example in the README, but it doesn't seem to | | | hmm, which README do you mean? The README from the pam_kcoda tarball. | Here is what my pam config files look like: (approximately) | ------------------------------------------------ | auth required pam_nologin.so | auth optional pam_unix.so | auth required pam_krb5.so use_first_pass ccache=SAFE require_keytab | auth optional pam_kcoda.so clog /path/to/clog realm xyz.chalmers.se | | account required pam_unix.so | | session required pam_unix.so | session optional pam_lastlog.so | session optional pam_mail.so standard | session required pam_limits.so | session optional pam_krb5.so | session optional pam_kcoda.so nocunlog | session optional pam_tmpdir.so | session required pam_env.so | ------------------------------------------------ | | I consider it obsolete as imho there should be a more flexible framework | for Coda authentication than that - hope it will be - but this one works. This is the pam_kcoda recommended setting (from the README): sample entry for /etc/pam.d/login auth sufficient /lib/security/pam_coda.so ignore_root I think I will try your settings to see if they work better. Thanks. |>The strangest thing happened this morning. I came in to the office, |>started my laptop (connected), went to a virtual console, logged in as |>my user, and viola! It worked! It connected directly to my HOME |>directory via coda. And yet it didn't work yesterday, and I'm pretty |>sure I had rebooted (but maybe I didn't?). Did I need to restart PAM or |>something? | | | PAM cannot be restarted :) as it is just a library linked in by the | applications like login, xdm, sshd and so on. It does not keep more state | than any given corresponding application. | | Anyway, it looks like forgotten tokens... suspended, not shut down laptop? Shutdown, of course. Am I to understand that a token cannot be maintained across reboots/restarts of venus? I.e., how is disconnected startup supposed to work if I can't shutdown my laptop, take it home, start it back up, and continue working without reconnecting to the network? I thought that was one of the capabilities of coda? I guess if this is not possible that would explain why I cannot login to my coda HOME directory before I clog as my user to get a token. Can I replicate the auth2 daemon on my laptop in order to facilitate retrieving a token when starting up disconnected? - -- Jason A. Pattie pattieja_at_xperienceinc.com Xperience, Inc. (http://www.xperienceinc.com) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFACEwFuYsUrHkpYtARAnqtAJ9utWiQur+N92Wi5eL05+nCi8Dl/ACfXWCE xQ5LXVJlV8338Kdi8/bqqo8= =JsVf -----END PGP SIGNATURE----- -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support.Received on 2004-01-16 15:46:16