Erik Dalén <[email protected]> writes: > After running sudo I don't have my AFS token anymore. This can be > fixed by changing line 4 in > /usr/share/pam-configs/afs-session to:
> Auth-Type: Primary > and then run pam-auth-update again. That sounds wrong given that pam-afs-session is not a primary authentication mechanism and always returns success to authentication attempts. I'm concerned that such a change could lead to opening your system to allow logging in without a password or with any password in some cases. The additional section should always run. Why didn't it in your case with sudo? Could you show me a copy of /etc/pam.d/sudo, /etc/pam.d/common-auth, and /etc/pam.d/common-session from your system when this is not working properly? -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
