Problems with arla and MIT kerberos
Harald Barth
haba at pdc.kth.se
Wed Aug 25 14:49:47 CEST 2004
> I have installed arla with MIT kerberos (and libkrbafs from MIT) in a
> Fedora Core 2, but I cannot have AFS write access anymore... I get the
> tickets with kinit, but the no tokens are held by arla in the
> /usr/arla/bin/tokens command... My configure line for arla was like :
> ./configure --with-krb4-include=... --with-krb4-lib=...
> --with-krb5-include=... --with-krb5-lib=... --with-krbafs=...
>
> I can get tickets seen by klist for kerberos 5 and 4 servers, but I only
> get read access....
You need a program that can take your tickets and put them into the
kernel as tokens. The Heimdal kinit and afslog do that. Some PAM
modules can do that, too. I doubt if libkrbafs comes with that
functionality. Have you tested the RPMs available there:
http://www.stacken.kth.se/projekt/arla/fedora2.html You should be able
to use the Heimdal kinit or afslog from the Heimdal RPM "mixed" with
the stuff you allready have or the arla RPM. You will probably _not_
need the kdc, server and debuginfo stuff.
Harald.
More information about the Arla-drinkers
mailing list