After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 546605 - krb5-auth-dialog should renew afs tokens
krb5-auth-dialog should renew afs tokens
Status: RESOLVED DUPLICATE of bug 347034
Product: krb5-auth-dialog
Classification: Other
Component: general
unspecified
Other All
: Normal enhancement
: ---
Assigned To: Christopher Aillon
krb5-auth-dialog-maint
Depends on:
Blocks:
 
 
Reported: 2008-08-06 15:08 UTC by Jason Edgecombe
Modified: 2009-04-24 07:49 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description Jason Edgecombe 2008-08-06 15:08:23 UTC 
krb5-auth-dialog version 0.7 doesn't renew AFS tokens when kerberos tickets are renewed. Since many sites that use kerberos also use AFS, this would a big help. In addition, the credentials prompt should appear at least 5 minutes before the ticket/token expires so that already-running programs won't have a loss of access while the ticket/token is being refreshed.

For more info and a crude patch, see the ubuntu bug at https://bugs.launchpad.net/ubuntu/+source/krb5-auth-dialog/+bug/113347

FYI, I patched the krb5-auth-dialog v0.7-1 that comes with RHEL5.0 i386 with the patch from the ubuntu bug report and it works. FYI, the patch just runs /usr/bin/aklog after tickets are renewed.
Comment 1 Simon Wilkinson 2008-08-13 10:42:15 UTC 
http://bugzilla.gnome.org/show_bug.cgi?id=347034

contains a patch to use a PAM stack to control the acquisition of additional credentials. This has the advantage that it isn't AFS specific, so it works with anything that a PAM module exists for, such as kx509 certificates.

Simon.
Comment 2 Guido Günther 2009-04-24 07:49:14 UTC 
Hi,
this is basically a special case of #347034.
 -- Guido

*** This bug has been marked as a duplicate of 347034 ***