From mike.gabriel@das-netzwerkteam.de Fri Jul 26 16:40:08 2013 Received: (at submit) by bugs.x2go.org; 26 Jul 2013 14:40:08 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_BLOCKED, URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from freya.das-netzwerkteam.de (freya.das-netzwerkteam.de [88.198.48.199]) by ymir (Postfix) with ESMTPS id EB11A5DB15 for ; Fri, 26 Jul 2013 16:40:07 +0200 (CEST) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [78.46.204.98]) by freya.das-netzwerkteam.de (Postfix) with ESMTPS id 5803E2C9 for ; Fri, 26 Jul 2013 16:40:07 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 3E0FD3BD18 for ; Fri, 26 Jul 2013 16:40:07 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9IUOt1F3aDUr for ; Fri, 26 Jul 2013 16:40:07 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 06ABC3BD17 for ; Fri, 26 Jul 2013 16:40:07 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id D3D843BBF3 for ; Fri, 26 Jul 2013 16:40:06 +0200 (CEST) Received: by grimnir.das-netzwerkteam.de (Postfix, from userid 33) id 609743BD16; Fri, 26 Jul 2013 16:40:06 +0200 (CEST) Received: from m-047.informatik.uni-kiel.de (m-047.informatik.uni-kiel.de [134.245.254.47]) by mail.das-netzwerkteam.de (Horde Framework) with HTTP; Fri, 26 Jul 2013 16:40:06 +0200 Message-ID: <20130726164006.17531y7k798urzgm@mail.das-netzwerkteam.de> X-Priority: 3 (Normal) Date: Fri, 26 Jul 2013 16:40:06 +0200 From: Mike Gabriel To: submit@bugs.x2go.org Cc: x2go-user@lists.berlios.de Subject: Re: [X2Go-User] Session resume fails with AFS home directories References: <51F274E2.3070403@gip.com> In-Reply-To: <51F274E2.3070403@gip.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=_1vk5qk3dcdvq"; protocol="application/pgp-signature"; micalg="pgp-sha1" Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.3.4) This message is in MIME format and has been PGP signed. --=_1vk5qk3dcdvq Content-Type: text/plain; charset=UTF-8; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit Package: x2goserver Version: 4.0.1.3 Hi Sebastian, (quoting your complete original mail, so we have it in the bug report I create with this/my reply) On Fr 26 Jul 2013 15:08:50 CEST Sebastian Flothow wrote: > I've just set up a Debian 7 box with X2Go. It does work in that it > is possible to start new sessions, however, resuming a previous > session does not work, it always results in this message: "The > remote proxy closed the connection while negotiating the session. > This may be due to the wrong authentication credentials passed to > the server." > > I suspect this is due to the fact that home directories are stored > in AFS (for regular users, that is; when logging in as root, whose > home directory is on a local ext4 FS, resume does work). Accessing > AFS requires an AFS token in the user's name, obtaining this in turn > requires a Kerberos ticket. PAM is set up to obtain both > automatically on login, but I guess something goes wrong there > during session resume. > > Is it possible to add custom commands to the X2Go login/resume > procedure? It would be quite helpful if the client could run klist > and tokens through the ssh session, and either log or display the > output. Is there any environment variable that we have to set before we can access the home directory of the user? My guess is that we have to set at least export KRB5CCNAME=??? Maybe any other env var for the AFS token? We should get this issue fixed upstream, so I have switched over to x2go-dev and our bug tracker (done by sending my reply). Please reply to 272@bugs.x2go.org with your reply. Thanks. Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb --=_1vk5qk3dcdvq Content-Type: application/pgp-signature Content-Description: Digitale PGP-Unterschrift Content-Disposition: inline Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAABAgAGBQJR8opGAAoJEJr0azAldxsxS14P/i5D7R9XetBddPf8aw+0RU0Y /bn/LFOWJFFWFnSVgufjIa8sM4Znm5DhkSmJEdaTDRnUl+MYnAyhhQ9tzNXzQKiJ i0Hd6ceLgTYYVIYt4e6D3PCj9LH08Pq/LKkAPvGf8kY673YrFxp4wyOH1/mog5Es 1ELzbDe6SmbfFup0f/y2vNms1auw3/eXYLEnfe7RjhgmY5r5EppQj40DZ0tvV80n jQEz/9nmwS4rQFxRYD63m2zTiCfeREKdSAnPkicpiuGV4sxrbKmDHRHr6rnLgz2z 4xxwIT+3MA2uz2diJMeGyMtUVABCRXiJhEjIecFI07B81DBTPbi4v7JwQjKksWdJ DmiutQW81CkfCE81xLvmz6qhBvmzQ4zmNsnjmAKvPuxzNxqvJFMEgDDTmMoO9WnW 5UgFf9t7JEVlhX0kCLpykd0ASppjBaLLiIUMhEDtvIfn1zHMjFHj5amLrtn2Fzqs qExkBSXusv6lNny7MaZ3Yl+XXYScOsz+IE0/9ChICubmzXhLJnEGHmAIfJwDDSkq RxUFJXESSuD0z2lPgiK54MIKn8Cn3wmJUfguB7MPIXNjmWi/zXa5jdx+HzV0X1tL 6jD7WSlKI4MtsSx6u1SBJZir4B4nY2Lt5xwJbLoSsX7R+rsksH1ixO7yOM+dAaFJ txqyjkThVgwNre4BVGUt =rjCv -----END PGP SIGNATURE----- --=_1vk5qk3dcdvq--