X2Go Bug report logs - #272
[X2Go-User] Session resume fails with AFS home directories

version graph

Package: x2goserver; Maintainer for x2goserver is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goserver is src:x2goserver.

Reported by: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

Date: Fri, 26 Jul 2013 14:48:01 UTC

Severity: normal

Found in version 4.0.1.3

Full log

🔗 View this message in rfc822 format

X-Loop: owner@bugs.x2go.org
Subject: Bug#272: Regarding x2go and afs interaction
Reply-To: Roy Williams <fang64@gmail.com>, 272@bugs.x2go.org
Resent-From: Roy Williams <fang64@gmail.com>
Resent-To: x2go-dev@lists.x2go.org
Resent-CC: X2Go Developers <x2go-dev@lists.x2go.org>
X-Loop: owner@bugs.x2go.org
Resent-Date: Tue, 13 Jan 2015 14:15:02 +0000
Resent-Message-ID: <handler.272.B272.142115828923451@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: followup 272
X-X2Go-PR-Package: x2goserver
X-X2Go-PR-Keywords: 
Received: via spool by 272-submit@bugs.x2go.org id=B272.142115828923451
          (code B ref 272); Tue, 13 Jan 2015 14:15:02 +0000
Received: (at 272) by bugs.x2go.org; 13 Jan 2015 14:11:29 +0000
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,FREEMAIL_FROM,
	HTML_MESSAGE,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham version=3.3.2
Received: from mail-ie0-f181.google.com (mail-ie0-f181.google.com [209.85.223.181])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 03D025DA2C
	for <272@bugs.x2go.org>; Tue, 13 Jan 2015 15:11:28 +0100 (CET)
Received: by mail-ie0-f181.google.com with SMTP id rl12so2840033iec.12
        for <272@bugs.x2go.org>; Tue, 13 Jan 2015 06:11:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:date:message-id:subject:from:to:content-type;
        bh=Zp/cWOPRvl9sm33YhWolvGfqp5E0cYEd94V6JoV3U9o=;
        b=I7zmV/3y5+dErq29m6hwQmYBqjEBnR900OFlzj+0FMlwgJBC1GrYUSOSgCAjMxLp92
         /1lUp8q2bmxr3rLzQ139pzHUf7HQkZC2TfezlNh0vMoO0RWwDN4ve/nvYE8d1ukAJ9iy
         bjauaROfkf0BopRrnUsUwP9WqbyQ1GwfQZkyRV8XcknFodeckW/Q48KC9CVFpXHaaesK
         /krXnqtHTmsEmPKkQGv0Q27HaAbPuT2Cs8A0igQNny5ioNVGdCmucwWymd7OOOTXeCJi
         KOg3mEqMbhndb8N2KkpV5L8LU8szOLQM1c89uuDlS6jdplF63tbdQOoSBDlLb077Nlpy
         OMnA==
MIME-Version: 1.0
X-Received: by 10.50.79.228 with SMTP id m4mr21275439igx.43.1421158286292;
 Tue, 13 Jan 2015 06:11:26 -0800 (PST)
Received: by 10.64.55.129 with HTTP; Tue, 13 Jan 2015 06:11:26 -0800 (PST)
Date: Tue, 13 Jan 2015 09:11:26 -0500
Message-ID: <CAEQEHWYPcX3KqoRWjLNbUj5hMbLStdbZ-P+FHnwc7Sz1DTnCBg@mail.gmail.com>
From: Roy Williams <fang64@gmail.com>
To: 272@bugs.x2go.org
Content-Type: multipart/alternative; boundary=089e013a1f16d2fe2b050c893221

[Message part 1 (text/plain, inline)]
Hello Everyone,

I have a suggestion that basically involves using k5start from Russ Albury
which I suspect will no longer be as maintained in the future. Available at
http://www.eyrie.org/~eagle/software/kstart/k5start.html and having that
maintain credentials in the session, then copying the KRB5CCNAME into a new
session and having it renew the Kerberos tickets, so when k5start runs
aklog it'll renew the tokens in the suspended session. It's not ideal but
it does allow you to have session resuming.

I am not sure what the security implications would be doing this since I
suspect this would be frowned on by the Kerberos community. This k5start
tool was intended to keep long running processes from losing their file
system access on a host.

Roy Williams (fang64@gmail.com)

[Message part 2 (text/html, inline)]

Send a report that this bug log contains spam.

X2Go Developers <owner@bugs.x2go.org>. Last modified: Thu Nov 21 14:57:21 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.