[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Bug 187485] Doesn't seem to renew TGT after it has expired



Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


https://bugzilla.redhat.com/show_bug.cgi?id=187485





--- Comment #20 from Bojan Smojver <bojan rexursive com>  2009-06-23 07:29:52 EDT ---
Regarding comment #18:

> still don't know why gnome-screen saver's password dialog doesn't renew the TGT, given that you are giving it a password that is check in Kerberos

Gnome screensaver is relying on PAM for authentication. Whatever pam_krb5 does,
that is what happens. Try this:

kinit -l 10s -r 10s

In 10 seconds, your ticket will expire. Do:

tail -f /var/log/secure

In a terminal. Also, watch the tickets with:

watch klist 2>/dev/null

Now, lock the screen. Unlock and you'll see messages like this in secure log:

Jun 23 21:23:08 machine gnome-screensaver-dialog: pam_krb5[27056]:
authentication succeeds for 'bojan' (bojan REALM COM)

However, the ticket times will not move (ie. the ticket will not be reissued).

So, this is something that pam_krb5 does or doesn't do, I think. Maybe PAM
folks should change something?

-- 
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]