Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- sudo apt-get install krb5-user libpam-krb5 libpam-ccreds auth-client-config
- sudo dpkg-reconfigure krb5-config
- sudo auth-client-config -a -p kerberos_example
- pam_auth=auth [authinfo_unavail=ignore success=1 default=2] pam_krb5.so use_first_pass ignore_root debug
- auth [success=done default=ignore] pam_unix.so nullok_secure debug
- auth [default=done] pam_ccreds.so action=validate use_first_pass
- auth [default=done] pam_ccreds.so action=store
- auth [default=bad] pam_ccreds.so action=update
- pam_account=account sufficient pam_krb5.so debug
- account sufficient pam_unix.so debug
- account required pam_permit.so
- pam_password=password sufficient pam_unix.so nullok obscure min=4 max=8 md5 debug
- password sufficient pam_krb5.so debug try_first_pass
- password required pam_deny.so
- pam_session=session required pam_mkhomedir.so umask=0022 skel=/etc/skel
- session optional pam_foreground.so
- session optional pam_krb5.so debug
- session required pam_unix.so debug
- pam_auth=auth [success=2 default=ignore] pam_krb5.so use_first_pass ignore_root debug
- auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass debug
- auth requisite pam_deny.so
- auth required pam_permit.so
- auth [default=done] pam_ccreds.so action=validate use_first_pass
- auth [default=done] pam_ccreds.so action=store
- auth [default=bad] pam_ccreds.so action=update
- pam_account=account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so debug
- account requisite pam_deny.so
- account required pam_permit.so
- account required pam_krb5.so debug
- pam_password=password [success=2 default=ignore] pam_krb5.so minimum_uid=1000
- password [success=1 default=ignore] pam_unix.so obscure use_authtok try_first_pass sha512
- password requisite pam_deny.so
- password required pam_permit.so
- pam_session=session required pam_mkhomedir.so umask=0022 skel=/etc/skel
- session optional pam_foreground.so
- session optional pam_krb5.so debug
- session required pam_unix.so debug
- gnome-session-binary[2652]: WARNING: Could not get session id for session. Check that logind is properly installed and pam_systemd is getting used at login.
- gnome-session[2652]: gnome-session-binary[2652]: dconf-CRITICAL: unable to create file '/home/paul/.cache/dconf/user': Permission denied. dconf will not work properly.
- org.gnome.ScreenSaver[2549]: ** (gnome-screensaver:2733): WARNING **: Couldn't get presence status: The name org.gnome.SessionManager was not provided by any .service files
- org.gnome.ScreenSaver[2549]: (gnome-screensaver:2733): dconf-CRITICAL **: unable to create file '/home/paul/.cache/dconf/user': Permission denied. dconf will not work properly.
- smbd[3754]: [2018/04/30 14:19:21.213850, 0] ../source3/param/loadparm.c:3259(process_usershare_file)
- smbd[3754]: process_usershare_file: stat of /var/lib/samba/usershares/pictures failed. No such file or directory
- gnome-session[2652]: (deja-dup-monitor:3449): dconf-CRITICAL **: unable to create file '/home/paul/.cache/dconf/user': Permission denied. dconf will not work properly.
- gnome-session[2652]: (gnome-software:2890): dconf-CRITICAL **: unable to create file '/home/paul/.cache/dconf/user': Permission denied. dconf will not work properly.
- lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
- lightdm: PAM adding faulty module: pam_kwallet.so
- lightdm: PAM unable to dlopen(pam_kwallet5.so): /lib/security/pam_kwallet5.so: cannot open shared object file: No such file or directory
- lightdm: PAM adding faulty module: pam_kwallet5.so
- lightdm: PAM unable to dlopen(pam_foreground.so): /lib/security/pam_foreground.so: cannot open shared object file: No such file or directory
- lightdm: PAM adding faulty module: pam_foreground.so
- lightdm: pam_krb5(lightdm-greeter:session): pam_sm_open_session: entry
- lightdm: pam_krb5(lightdm-greeter:session): no context found, creating one
- lightdm: pam_krb5(lightdm-greeter:session): (user lightdm) unable to get PAM_KRB5CCNAME, assuming non-Kerberos login
- lightdm: pam_krb5(lightdm-greeter:session): pam_sm_open_session: exit (ignore)
- lightdm: pam_unix(lightdm-greeter:session): session opened for user lightdm by (uid=0)
- lightdm: PAM unable to dlopen(pam_kwallet.so): /lib/security/pam_kwallet.so: cannot open shared object file: No such file or directory
- lightdm: PAM adding faulty module: pam_kwallet.so
- lightdm: PAM unable to dlopen(pam_kwallet5.so): /lib/security/pam_kwallet5.so: cannot open shared object file: No such file or directory
- lightdm: PAM adding faulty module: pam_kwallet5.so
- lightdm: PAM unable to dlopen(pam_foreground.so): /lib/security/pam_foreground.so: cannot open shared object file: No such file or directory
- lightdm: PAM adding faulty module: pam_foreground.so
- lightdm: pam_succeed_if(lightdm:auth): requirement "user ingroup nopasswdlogin" not met by user "paul"
- lightdm: pam_krb5(lightdm:auth): pam_sm_authenticate: entry
- sshd[1062]: Received SIGHUP; restarting.
- sshd[1062]: Server listening on 0.0.0.0 port 22.
- sshd[1062]: Server listening on :: port 22.
- sshd[1062]: Received SIGHUP; restarting.
- sshd[1062]: Server listening on 0.0.0.0 port 22.
- sshd[1062]: Server listening on :: port 22.
- gnome-keyring-daemon[1955]: couldn't set environment variable in session: GDBus.Error:org.freedesktop.DBus.Error.UnknownMethod: No such method 'Setenv'
- dbus[905]: [system] Failed to activate service 'org.bluez': timed out
- lightdm: pam_krb5(lightdm:auth): (user paul) attempting authentication as paul@MYDOMAIN.XXX
- lightdm: pam_krb5(lightdm:auth): user paul authenticated as paul@MYDOMAIN.XXX
- lightdm: pam_krb5(lightdm:auth): (user paul) temporarily storing credentials in /tmp/krb5cc_pam_498NCw
- lightdm: pam_krb5(lightdm:auth): pam_sm_authenticate: exit (success)
- lightdm: pam_krb5(lightdm:account): pam_sm_acct_mgmt: entry
- lightdm: pam_krb5(lightdm:account): (user paul) retrieving principal from cache
- lightdm: pam_krb5(lightdm:account): pam_sm_acct_mgmt: exit (success)
- lightdm: pam_krb5(lightdm-greeter:session): pam_sm_close_session: entry
- lightdm: pam_krb5(lightdm-greeter:session): pam_sm_close_session: exit (success)
- lightdm: pam_unix(lightdm-greeter:session): session closed for user lightdm
- lightdm: pam_krb5(lightdm:setcred): pam_sm_setcred: entry (establish)
- lightdm: pam_krb5(lightdm:setcred): (user paul) initializing ticket cache FILE:/tmp/krb5cc_1000_pYqd6X
- lightdm: pam_krb5(lightdm:setcred): pam_sm_setcred: exit (success)
- lightdm: pam_krb5(lightdm:session): pam_sm_open_session: entry
- lightdm: pam_krb5(lightdm:session): pam_sm_open_session: exit (success)
- lightdm: pam_unix(lightdm:session): session opened for user paul by (uid=0)
- gnome-keyring-daemon[2463]: The Secret Service was already initialized
- gnome-keyring-daemon[2463]: The SSH agent was already initialized
- gnome-keyring-daemon[2463]: The PKCS#11 component was already initialized
- dbus[905]: [system] Failed to activate service 'org.bluez': timed out
- pkexec[3386]: paul: Error executing command as another user: Not authorized [USER=root] [TTY=unknown] [CWD=/home/paul] [COMMAND=/usr/lib/update-notifier/package-system-locked]
- CRON[3474]: PAM unable to dlopen(pam_foreground.so): /lib/security/pam_foreground.so: cannot open shared object file: No such file or directory
- CRON[3474]: PAM adding faulty module: pam_foreground.so
- CRON[3474]: pam_krb5(cron:account): pam_sm_acct_mgmt: entry (silent)
- CRON[3474]: pam_krb5(cron:account): skipping non-Kerberos login
- CRON[3474]: pam_krb5(cron:account): pam_sm_acct_mgmt: exit (ignore)
- CRON[3474]: pam_krb5(cron:setcred): pam_sm_setcred: entry (establish|silent)
- CRON[3474]: pam_krb5(cron:setcred): no context found, creating one
- CRON[3474]: pam_krb5(cron:setcred): ignoring root user
- CRON[3474]: pam_krb5(cron:setcred): pam_sm_setcred: exit (success)
- CRON[3474]: pam_unix(cron:session): session opened for user root by (uid=0)
- CRON[3474]: pam_krb5(cron:setcred): pam_sm_setcred: entry (delete|silent)
- CRON[3474]: pam_krb5(cron:setcred): pam_sm_setcred: exit (success)
- CRON[3474]: pam_unix(cron:session): session closed for user root
- CRON[3520]: PAM unable to dlopen(pam_foreground.so): /lib/security/pam_foreground.so: cannot open shared object file: No such file or directory
- CRON[3520]: PAM adding faulty module: pam_foreground.so
- CRON[3520]: pam_krb5(cron:account): pam_sm_acct_mgmt: entry (silent)
- CRON[3520]: pam_krb5(cron:account): skipping non-Kerberos login
- CRON[3520]: pam_krb5(cron:account): pam_sm_acct_mgmt: exit (ignore)
- CRON[3520]: pam_krb5(cron:setcred): pam_sm_setcred: entry (establish|silent)
- CRON[3520]: pam_krb5(cron:setcred): no context found, creating one
- CRON[3520]: pam_krb5(cron:setcred): ignoring root user
- CRON[3520]: pam_krb5(cron:setcred): pam_sm_setcred: exit (success)
- CRON[3520]: pam_unix(cron:session): session opened for user root by (uid=0)
- CRON[3520]: pam_krb5(cron:setcred): pam_sm_setcred: entry (delete|silent)
- CRON[3520]: pam_krb5(cron:setcred): pam_sm_setcred: exit (success)
- CRON[3520]: pam_unix(cron:session): session closed for user root
- CRON[3701]: PAM unable to dlopen(pam_foreground.so): /lib/security/pam_foreground.so: cannot open shared object file: No such file or directory
- CRON[3701]: PAM adding faulty module: pam_foreground.so
- CRON[3701]: pam_krb5(cron:account): pam_sm_acct_mgmt: entry (silent)
- CRON[3701]: pam_krb5(cron:account): skipping non-Kerberos login
- CRON[3701]: pam_krb5(cron:account): pam_sm_acct_mgmt: exit (ignore)
- CRON[3701]: pam_krb5(cron:setcred): pam_sm_setcred: entry (establish|silent)
- CRON[3701]: pam_krb5(cron:setcred): no context found, creating one
- CRON[3701]: pam_krb5(cron:setcred): ignoring root user
- CRON[3701]: pam_krb5(cron:setcred): pam_sm_setcred: exit (success)
- CRON[3701]: pam_unix(cron:session): session opened for user root by (uid=0)
- CRON[3701]: pam_krb5(cron:setcred): pam_sm_setcred: entry (delete|silent)
- CRON[3701]: pam_krb5(cron:setcred): pam_sm_setcred: exit (success)
- CRON[3701]: pam_unix(cron:session): session closed for user root
- CRON[3729]: PAM unable to dlopen(pam_foreground.so): /lib/security/pam_foreground.so: cannot open shared object file: No such file or directory
- CRON[3729]: PAM adding faulty module: pam_foreground.so
- CRON[3729]: pam_krb5(cron:account): pam_sm_acct_mgmt: entry (silent)
- CRON[3729]: pam_krb5(cron:account): skipping non-Kerberos login
- CRON[3729]: pam_krb5(cron:account): pam_sm_acct_mgmt: exit (ignore)
- CRON[3729]: pam_krb5(cron:setcred): pam_sm_setcred: entry (establish|silent)
- CRON[3729]: pam_krb5(cron:setcred): no context found, creating one
- CRON[3729]: pam_krb5(cron:setcred): ignoring root user
- CRON[3729]: pam_krb5(cron:setcred): pam_sm_setcred: exit (success)
- CRON[3729]: pam_unix(cron:session): session opened for user root by (uid=0)
- CRON[3729]: pam_krb5(cron:setcred): pam_sm_setcred: entry (delete|silent)
- CRON[3729]: pam_krb5(cron:setcred): pam_sm_setcred: exit (success)
- CRON[3729]: pam_unix(cron:session): session closed for user root
Add Comment
Please, Sign In to add comment