This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 250704 - cosmetic: reference instead of
cosmetic: reference instead of
Product: Fedora
Classification: Fedora
Component: authconfig (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Tomas Mraz
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2007-08-02 21:28 EDT by Nalin Dahyabhai
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version: authconfig-5.3.17-1.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-08-24 09:03:09 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Nalin Dahyabhai 2007-08-02 21:28:55 EDT
In pam_krb5 1.x, the module included support for setting AFS
tokens using the user's Kerberos credentials, and the module didn't.

Since the 2.0 rewrite, the module has instead attempted to do the right thing by
default, and has been a symlink to

The "tokens" argument should be unnecessary, too, as applications which either
access or provide access to the user's files should be using pam_setcred() or
pam_open_session(), either of which will cause tokens to be obtained, by now. 
(If a workaround is still needed in the field, the "tokens" option can be given
a list of PAM service names in /etc/krb5.conf.)  For services which don't need
the option to work properly, it'll make logins a little bit faster to not have
that redundancy there.

So we might as well simplify the code in authconfig by taking out the logic
which chooses one over the other.

I haven't got any immediate plans to remove the symlink from the pam_krb5
package, so this isn't at all urgent.

Note You need to log in before you can comment on or make changes to this bug.