Dirk Heinrichs <dirk.heinri...@altum.de> writes: > Am 01.12.2016 um 18:12 schrieb Benjamin Kaduk:
>> I think that the KRB5CCNAME thing is only expected to help when >> combined with a change to run libpam-afs-session from >> common-session-noninteractive instead of common-session only. > On my system, configured with pam-auth-update (so no manual changes), > it's in both. It may be helpful to manually add the "debug" flag to the pam_afs_session line and then try this again and see if the syslog debugging log provides any hints for why it's failing to create a token. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
