Hello,
I have configured /etc/pam.d/kde as follows:
Other pam.d files are also configured to use Kerberos. NFSv4 file systems are mounted during system boot, and are also configured to use Kerberos.
When I log in from the console I can access these NFSv4 file systems as expected. When I do a
It seems as if kdm4 does use the PAM configuration to grant me access, but that the received ticket is not stored in the ticket file. The pam_krb5.so used is the same as is used by the 'normal' login, so the problem seems to be caused by kdm4. I have studied the pam_krb5.so man page, but I cannot find an option that would solve this problem.
Any suggestions on how to fix this?
Thanks.
I have configured /etc/pam.d/kde as follows:
Code:
#
# $FreeBSD: tags/RELEASE_10_1_0/security/pam_kde/files/kde 340872 2014-01-24 00:14:07Z mat $
#
# PAM configuration for the "kde" service
#
# auth
auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
auth required pam_unix.so no_warn try_first_pass
# account
account required pam_nologin.so
account required pam_krb5.so
account required pam_unix.so
# session
#session optional pam_ssh.so want_agent
session required pam_mkhomedir.so
session required pam_permit.so
Other pam.d files are also configured to use Kerberos. NFSv4 file systems are mounted during system boot, and are also configured to use Kerberos.
When I log in from the console I can access these NFSv4 file systems as expected. When I do a
klist
I get a list of granted tickets. After that I do a kdestroy
, and start KDE service kdm4 onestart
. When I login in kdm4
I cannot access the mounted file systems. When I do a klist
, I get the message that the ticket file is not found. Only after a kinit
I get access to the mounted file systems.It seems as if kdm4 does use the PAM configuration to grant me access, but that the received ticket is not stored in the ticket file. The pam_krb5.so used is the same as is used by the 'normal' login, so the problem seems to be caused by kdm4. I have studied the pam_krb5.so man page, but I cannot find an option that would solve this problem.
Any suggestions on how to fix this?
Thanks.