Subject: bin/30326: pam_krb5 doesn't set up credentials anymore
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: None <tsarna@sarna.org>
List: netbsd-bugs
Date: 05/24/2005 20:01:00
>Number:         30326
>Category:       bin
>Synopsis:       pam_krb5 doesn't set up credentials anymore.
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue May 24 20:01:00 +0000 2005
>Originator:     Ty Sarna
>Release:        NetBSD 3.99.3
>Organization:
me
>Environment:
System: NetBSD kopernik.sarna.org 3.99.3 NetBSD 3.99.3 (KOPERNIK) #74: Wed May 18 01:35:12 EDT 2005 tsarna@talyn.frontco.com:/usr/build/KOPERNIK i386
Architecture: i386
Machine: i386

Completely stock /etc/pam.d files
>Description:
	Using stock pam configuration, I can log in with my kerberos 5
	password, but klist shows no tickets afterwards. I can kinit at
	that point and re-enter my password and I will have tickets.

	I made my krb and local passwords different for testing, and I
	can log in with either, so I know kerberos is partially
	functioning for login. 
>How-To-Repeat:
	ssh (with sshd having "UsePAM yes"), telnet, or terminal login.
	Use kerberos password. Then klist and notice no tickets.
>Fix:
	unknown.

>Unformatted:
 	20050512 snapshot from NetBSD-daily