-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear all,
I'm using Debian jessie with openAFS and Kerberos. I found a strange behaviour that I could not pin down to a single package so far, maybe somebody has any ideas: The AFS token is gone after using sudo, first looking very similar to the (solved) bug #621496 from 2011. After each sudo command, one needs to use "aklog" to get a new AFS token. Yet, I suspect that the bug is different from the 2011 one: First, it not only happens for passwordless sudo, but also when the user is forced to enter the password. Second, I have a PC running with Jessie that does not show this bug - this Jessie wasn't upgraded for some time (around September 2014). Another PC which is up-to-date shows this bug, as well as a new installation I did recently (which is also up-to-date). The config files or our Kerberos/AFS setup did not change since I setup this PC, only the packages were upgraded with apt-get. The problem now is: The version of the libpam-afs-session package is the same in the working and the non-working image. In addition, I selectivly upgraded the openafs-krb5 and the openafs-client as well as openafs-modules-dkms to the most recent version in Jessie (the "starting point" see below). This did not introduce the bug - sudo is still working as intended. Since I'm not too familiar with AFS/Kerberos/PAM I decided to ask you if you have any ideas what I could try to pin down the reason for this? Any packages to upgrade to see if they are responsible for this? If I should provide more details / config files / information, please let me know. I'll see if I find the time to do a test setup with sid to check the newest version of the packages, but maybe my problem is far easier and somebody knows what to do. Best regards, Christoph Schober The following versions are from the (older) working image before starting selective upgrades: ---- Versions of packages openafs-krb5 depends on: ii libc6 2.18-7 ii libcomerr2 1.42.10-1 ii libk5crypto3 1.12.1+dfsg-1 ii libkrb5-3 1.12.1+dfsg-1 oo openafs-client 1.6.7-1 oo openafs-krb5 1.6.7-1 Linux version 3.14-1-amd64 (debian-ker...@lists.debian.org) (gcc version 4.8.2 (Debian 4.8.2-21) ) #1 SMP Debian 3.14.4-1 (2014-05-13) ---- @@@@@@@ The information collected by reportbug when I thought to report the bug to the openafs-krb5 package: - -- System Information: Debian Release: 8.0 APT prefers testing-updates APT policy: (500, 'testing-updates'), (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16-3-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages openafs-krb5 depends on: ii libc6 2.19-13 ii libcomerr2 1.42.12-1 ii libk5crypto3 1.12.1+dfsg-15 ii libkrb5-3 1.12.1+dfsg-15 - -- Christoph Schober GnuPG key Id 0x3B6914EB -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUkUXgAAoJENHdu+iSulRgC0AP/RJk+SGt26jM40H1z0rS0JZh 3hv0wujYREM9OlRqrvlZdSpEb/3HIM2Z+FYCSleHX/+tcspEIluJO5NIRonZORGj TXXU98KMG4q7uiqrPyUPzv6IBcFgf93ffGk2D2sPCTty/FW49FBfsPuNqn6rRtzj 2YtCnKtqGLlITT0+1oOH1grSuTMphDFnXEp9/QDiOmloeV5yNF/jKMb9wBQLNGmP 8mxUa7ofzvkoqbFAZEL6XtirPEBa8pD+Nxl9vvppaNLUSfkxKmyQFEikR/CTIkmf oUbL+oLVKFjwh1Z9aq9CBRvrYRicN+HUUPipJVzuIVAXxHVCiFVRjV6QFDzyidlZ d/U4nq9GqVTQtTwiLTkI2xG+MiZyxSh3s87C1EihD7NOyly9HD7BuXcx9hyr98WB cjtSaQoJIl+izFQ0tGECJsevva37oGtcpHe3jmCFJbl2rk8N8/NU5XnnAtee8mk7 wUbi8JJDgzsRhP8UgQcjBl7/p1WgoP1kXsARTJvjqSqQPjIDfqzwLMjuF0DUBBel pixn/UclW6ebuqXjMyfMdUC1trp9ewUj3b+ujlE5vfdAVoDgCkqd5jRDDVdsBilh uNloVdu/UeisKt5xDcN1yLEImOHBIYBZZT2AL9hcMVSGQVBJ5Kgh7ajznxmqZMvC pm07NvoqrSakE2T25kdA =viZ9 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/549145e0.2000...@ch.tum.de
