Select and install only one of these options:
Solaris 2.7
Solaris 2.6 Solaris 2.4, 2.5, 2.5.1
Copy the authentication module in place:
# cp /afs/ncsa/packages/kerberos/pam/SunOS_5.7/lib/pam_*.so.1 /usr/lib/security/ # chmod 755 /usr/lib/security/pam_krb5.so.1 # chmod 755 /usr/lib/security/pam_afs.so.1Now copy the configuration file in place:
# cp /etc/pam.conf /etc/pam.conf.orig # cp /afs/ncsa/packages/kerberos/pam/SunOS_5.7/etc/pam.conf /etc/pam.conf # chmod 644 /etc/pam.conf
AFS integrated login
This option will allow you to log into the console with your Kerberos/AFS
password. You can log in via the CDE login window or the command line
login and it will only get you an AFS token.
This section explains how to install the AFS authentication library into the Solaris 2.7 Pluggable Authentication Module (PAM) scheme. You must perform this part of the installation to enable integrated login on a machine. There is no AFS-modified login binary for Solaris 2.7.
Copy the authentication module in place:
# cp /usr/afsws/lib/pam_afs.so.1 /usr/lib/security/pam_afs.so.1 # chmod 755 /usr/lib/security/pam_afs.so.1Now copy the configuration file in place:
# cp /etc/pam.conf /etc/pam.conf.orig # cp /afs/ncsa/service/etc/sun4x_56/afs_pam.conf /etc/pam.conf # chmod 644 /etc/pam.conf
Copy the authentication module in place:
# cp /afs/ncsa/packages/kerberos/pam/SunOS_5.6/lib/pam_krb5_afs.so.1 /usr/lib/security/pam_krb5_afs.so.1 # chmod 755 /usr/lib/security/pam_krb5.so.1Now copy the configuration file in place:
# cp /etc/pam.conf /etc/pam.conf.orig # cp /afs/ncsa/packages/kerberos/pam/SunOS_5.6/etc/pam.conf /etc/pam.conf # chmod 644 /etc/pam.conf
AFS integrated login
This option will allow you to log into the console with your Kerberos/AFS
password. You can log in via the CDE login window or the command line
login and it will only get you an AFS token.
This section explains how to install the AFS authentication library into the Solaris 2.6 Pluggable Authentication Module (PAM) scheme. You must perform this part of the installation to enable integrated login on a machine. There is no AFS-modified login binary for Solaris 2.6.
NOTE: As of February 1998, there are several defects in the Solaris
implementation of the Common Desktop Environment (CDE) that
prevent integrated AFS login from working consistently under
CDE. SunSoft patches 105703-03 and 106027-01, which should be
available soon, fix these defects. Transarc does not support
use of CDE on AFS machines running Solaris 2.6 unless these
SunSoft patches are installed.
Once the above patches are installed then you can do the following to
install the Solaris PAM AFS module.
Copy the authentication module in place:
# cp /usr/afsws/lib/pam_afs.so.1 /usr/lib/security/pam_afs.so.1 # chmod 755 /usr/lib/security/pam_afs.so.1Now copy the configuration file in place:
# cp /etc/pam.conf /etc/pam.conf.orig # cp /afs/ncsa/service/etc/sun4x_56/afs_pam.conf /etc/pam.conf # chmod 644 /etc/pam.conf
First check to see that the login binary hasn't already been named to something else and you will not write over it:
# ls -l /bin/login*Once things look correct, then you can copy the binary in place:
# mv /bin/login /bin/login.orig # cp /usr/local/krb5/sbin/login.krb5 /bin/login.krb5 # ln -s /bin/login.krb5 /bin/login
AFS login
We replace the login program supplied with Solaris with the AFS one.
This will give the user a token when they log into the system.
First check to see that the login binary hasn't already been named to something else and you will not write over it:
# ls -l /bin/login*Once things look correct, then you can copy the binary in place:
# mv /bin/login /bin/login.orig # cp /usr/afsws/bin/login /bin/login.afs # ln -s /bin/login.afs /bin/login[an error occurred while processing this directive]