Displaying 3 results from an estimated 3 matches for "pam_krb4".
Did you mean:
pam_krb5
1998 Dec 04
1
Red Hat 5.2''s login doesn''t do PAM session management correctly
...#39;'s shell. This means that
a PAM module which expects to be able to do post-session cleanup in its
pam_close_session hook will do the cleanup *before* the user''s shell is
invoked. This breaks the pam_linux_afs module (which invokes AFS''s unlog)
and KTH Kerberos''s pam_krb4 module (which destroys the ticket cache), among
others, so the session is effectively unauthenticated (contrary to both PAM
documentation and users'' and administrators'' expectations).
The workaround for pam_linux_afs is to remove the session entry for
pam_linux_afs from /etc/pam....
2002 Oct 05
1
a patch for 3.4, please
Hello all,
I'd greatly appreciate a patch that will stop PAM mucking around after
I log in with a Kerberos 4 ticket and forward an AFS ticket (KTH
Kerberos 1.1.1 used for libkrb/libkafs). The trouble is, I need
pam_krb4, so that folks, who log in with without tickets using
tunnelled plaintext password, would get Kerberos 4 tickets for the
box. I rebuilt sshd without PAM in order to verify that PAM destroys
the tokens but I've not enough time to analyse the code in more
details. I guess
# ifdef USE_PAM
do_p...
1998 Dec 03
2
interactions between OPIE-ftpd and RH5.2
...execs the user's shell. This means that
a PAM module which expects to be able to do post-session cleanup in its
pam_close_session hook will do the cleanup *before* the user's shell is
invoked. This breaks the pam_linux_afs module (which invokes AFS's unlog)
and KTH Kerberos's pam_krb4 module (which destroys the ticket cache), among
others, so the session is effectively unauthenticated (contrary to both PAM
documentation and users' and administrators' expectations).
The workaround for pam_linux_afs is to remove the session entry for
pam_linux_afs from /etc/pam.d/login...