git.michaelhowe.org Git - packages/o/openafs.git/commit

author	Charles Clancy <security@xauth.net>
	Fri, 26 Jul 2002 06:56:04 +0000 (06:56 +0000)
committer	Derrick Brashear <shadow@dementia.org>
	Fri, 26 Jul 2002 06:56:04 +0000 (06:56 +0000)
commit	77efb238b1a1cfe347d822322b7cc5c7a8ff110a
tree	5ceea494de8e48ea53778f83c0cccf4075094275	tree \| snapshot
parent	2ee7d7e0fbd4c082e7ee60db792976517a96523a	commit \| diff

pam-multi-cell-support-20020725

"will let you do
something like:

auth optional   /lib/security/pam_afs.so cell other-cell.domain.net
auth sufficient /lib/security/pam_afs.so try_first_pass refresh_token \
cell main-cell.domain.net
auth required   /lib/security/pam_unix.so

You need to specify "refresh_token" the second time you call it to prevent
it from getting a second PAG and making your first token useless.

Or, you can just use it once to authenticate to a cell other than what's
in /usr/vice/etc/ThisCell.  Not specifying the "cell" argument causes the
expected behavior of authenticating against the local cell."

src/pam/afs_auth.c		diff \| blob \| history
src/pam/afs_message.c		diff \| blob \| history
src/pam/afs_message.h		diff \| blob \| history
src/pam/afs_setcred.c		diff \| blob \| history
src/pam/afs_util.c		diff \| blob \| history