[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
More AFS problems
Thanks for the answers to my previous questions, they worked great.
Only, now I have more problems... :)
After setting the key for afs@<REALM>, everything worked, for a
while. Then suddenly, the users are no longer accepted by AFS. I can still
get tickets, and I no longer get error messages about discarding AFS
tokens, but I silently lose access rights in AFS.
Like if I
$ kinit admin
Credentials cache: FILE:/tmp/krb5cc_58409
Issued Expires Principal
Sep 14 18:34:39 Sep 15 04:34:37 krbtgt/<REALM>@<REALM>
Sep 14 18:34:43 Sep 15 04:34:37 afs@<REALM>
$ fs listacl /afs/<cell>
fs: You don't have the required access rights on '/afs/<cell>/'
Strangely, though, I can use bos and pts:
$ pts listentries
Name ID Owner Creator
anonymous 32766 -204 -204
admin 1 -204 32766
kalle 2 -204 1
afsuser 3 -204 1
$ pts examine admin
Name: admin, id: 1, owner: system:administrators, creator: anonymous,
membership: 1, flags: S----, group quota: unlimited.
$ bos listusers <server>
SUsers are: admin
Which I suppose I shouldn't be able to do if I wasn't correctly
authorized? I'm probably doing some stupid mistake, but I can't figure out
what... Any suggestions appreciated!
Oh, yes: I'm not entirely sure what I was doing when things stopped
working, but guesses are either removing keys from the AFS keyfile (which
I later added back) or changing the password for the test user
"afsuser". I understand this might indicate salting problems. If so, how
do I solve them? Also note that I only changed one password, but all
accounts stopped working.
Thanks for your patience,