[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#382162: kdm: No login possible for users with OpenAFS home directory since kernel version 2.6.16

Package: kdm
Version: 4:3.3.2-1sarge1
Severity: important


on our network we have users, who have their home directory on an
OpenAFS server. In order to get access to the home directory, the
libpam-openafs-session pam-module is used to obtain the needed afs token
upon login.

If I upgrade the kernel to version 2.6.16 (vanilla) (or newer), a login
with kdm is not possible anymore. There is no possiblity to write to the
users home directory because of missing afs tokens in the environment.
Till kernel version 2.6.15 (vanilla) this worked. The pam configuration
did not change.

I started debugging libpam-openafs-session, but as far as I can
overlook the situation, a token is successfully retrieved for the user.
However it seems to get lost somewhere in the environment of kdm.

gdm does not have this bug (using the same pam configuration like kdm).
Also console logins are working correctly.

Our pam configuration:

auth    requisite       pam_nologin.so
auth    required        pam_env.so
@include common-auth
@include common-account
session required        pam_limits.so
@include common-session
@include common-password

auth    optional        pam_group.so
auth    sufficient      pam_krb5.so ignore_root use_first_pass forwardable
auth    required        pam_unix.so try_first_pass nullok secure

account optional        pam_krb5.so ignore_root
account required        pam_unix.so

session optional        pam_krb5.so ignore_root
session required        pam_unix.so
session optional        pam_openafs_session.so ignore_root

password   sufficient pam_krb5.so ignore_root
password   required   pam_unix.so nullok md5

A current Debian Testing system is not affected by this bug.

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux
Locale: LANG=C, LC_CTYPE=de_DE@euro (charmap=ISO-8859-15)

Versions of packages kdm depends on:
ii  debconf               Debian configuration management sy
ii  kdebase-bin          4:3.3.2-1sarge1     KDE Base (binaries)
ii  kdelibs4             4:3.3.2-6.4         KDE core libraries
ii  libart-2.0-2         2.3.17-1            Library of functions for 2D graphi
ii  libc6                2.3.2.ds1-22sarge3  GNU C Library: Shared libraries an
ii  libfam0c102          2.7.0-6sarge1       client library to control the FAM 
ii  libgcc1              1:3.4.3-13          GCC support library
ii  libice6              6.8.2.dfsg.1-7.rbm1 Inter-Client Exchange library
ii  libidn11             0.5.13-1.0          GNU libidn library, implementation
ii  libpam-runtime       0.76-22             Runtime support for the PAM librar
ii  libpam0g             0.76-22             Pluggable Authentication Modules l
ii  libpng12-0           1.2.8rel-1          PNG library - runtime
ii  libqt3c102-mt        3:3.3.4-3           Qt GUI Library (Threaded runtime v
ii  libsm6               6.8.2.dfsg.1-7.rbm1 X Window System Session Management
ii  libstdc++5           1:3.3.5-13          The GNU Standard C++ Library v3
ii  libx11-6             6.8.2.dfsg.1-7.rbm1 X Window System protocol client li
ii  libxext6             6.8.2.dfsg.1-7.rbm1 X Window System miscellaneous exte
ii  libxrender1          1:0.9.0-2           X Rendering Extension client libra
ii  libxtst6             6.8.2.dfsg.1-7.rbm1 X Window System event recording an
ii  xbase-clients        6.8.2.dfsg.1-7.rbm1 miscellaneous X clients
ii  xlibs                6.8.2.dfsg.1-7.rbm1 X Window System client libraries m
ii  zlib1g               1:1.2.2-4.sarge.2   compression library - runtime

-- debconf information:
  kdm/stop_running_server_with_children: false
* shared/default-x-display-manager: kdm
  kdm/daemon_name: /usr/bin/kdm

Reply to: