Skip Menu |
 

Download (untitled) / with headers
text/plain 1.8KiB
From lio@hpss1.ccs.ornl.gov Tue Jul 7 10:57:06 1998
Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id KAA09207 for <bugs@RT-11.MIT.EDU>; Tue, 7 Jul 1998 10:57:05 -0400
Received: from hpss1.ccs.ornl.gov by MIT.EDU with SMTP
id AA26134; Tue, 7 Jul 98 10:57:01 EDT
Received: (from root@localhost)
by hpss1.ccs.ornl.gov (8.8.8/8.8.8) id KAA18866;
Tue, 7 Jul 1998 10:57:03 -0400
Message-Id: <199807071457.KAA18866@hpss1.ccs.ornl.gov>
Date: Tue, 7 Jul 1998 10:57:03 -0400
From: lio@ornl.gov
Reply-To: lio@ornl.gov
To: krb5-bugs@MIT.EDU
Cc: lio@ornl.gov
Subject: forwarded credentials do not work in rlogin
X-Send-Pr-Version: 3.99

Show quoted text
>Number: 614
>Category: krb5-appl
>Synopsis: "rlogin -f" does not work
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Tue Jul 07 10:58:01 EDT 1998
>Last-Modified:
>Originator: Dan Million
>Organization:
Oak Ridge National Laboratory
Show quoted text
>Release: krb5-1.0.5
>Environment:
IBM RS/6000, AIX 4.1.5
System: AIX hpss1 1 4 000041156600


Show quoted text
>Description:
I just upgraded 2 of our development machines from KRB5 1.0.1 to
1.0.5. Now when I do "rlogin -f" to log onto a remote host and
forward my Kerberos tickets, the credentials cache file does not
get changed to be owned by me. It is still owned by "root", so
I can't read it, and thus cannot use it for anything.

When I log into the remote host as "lio", this is what I see in
/tmp:

-rw------- 1 root sys 509 Jul 7 10:53 /tmp/krb5cc_p36138

So the credentials cache is being created, but its ownership is
not being set correctly.

This all worked fine in 1.0.1.

Show quoted text
>How-To-Repeat:
See Description above.
Show quoted text
>Fix:
None known other than avoiding forwarded credentials.
Show quoted text
>Audit-Trail:
>Unformatted:
Incorrect ownerships of forwarded ticket files are usually the result of
login/rlogind mismatches. Closing.