Date: Wed, 2 Dec 2015 14:23:15 +0300 From: Slawa Olhovchenkov <slw@zxy.spb.ru> To: freebsd-hackers@freebsd.org, hackers@freebsd.org Subject: Re: NFSv4 details and documentations Message-ID: <20151202112315.GK31314@zxy.spb.ru> In-Reply-To: <20151202110243.GA17480@britannica.bec.de> References: <1162872124.114408327.1449007978859.JavaMail.zimbra@uoguelph.ca> <alpine.GSO.1.10.1512020158390.26829@multics.mit.edu> <20151202100708.GJ31314@zxy.spb.ru> <20151202110243.GA17480@britannica.bec.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Dec 02, 2015 at 12:02:43PM +0100, Joerg Sonnenberger wrote: > On Wed, Dec 02, 2015 at 01:07:08PM +0300, Slawa Olhovchenkov wrote: > > FreeBSD ssh'd use thread emulations by fork, as result Kerberos token > > got at pam_krb5:auth can't be accessed at pam_krb5:session (for > > writing in /tmp/krb5cc_UID. Recompile with > > -DUNSUPPORTED_POSIX_THREADS_HACK resove this issuse (and I can login > > with kerberos password to host with kerberoized NFSv4 and w/o > > additional kinit or password sshd to another host. > > Please try UsePrivilegeSeparation=no instead. The pthread hack should > just die complete. Don't work and can't be work. pthread/thread fork emulation to be foreign to the priveledge seperation.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151202112315.GK31314>