I am trying to get Kerberos PAM to pull a ticket and not destroy it after an RStudio login on CentOS 7.
My rstudio file in /etc/pam.d/ looks like:
#%PAM-1.0
auth required pam_krb5.so retain_after_close debug
session requisite pam_krb5.so retain_after_close debug
account required pam_krb5.so debug
I know that RStudio is communicating fine with the PAM stack because if I delete the first line, RStudio will not log in. I can also do other manipulations that let me know the two are in sync.
Per the RStudio documentation, if I run the command: pamtester --verbose rstudio authenticate setcred open_session
After entering my password, a ticket is created in /tmp called krb5cc_(uid), which is what I would expect. I can make the above pamtester line fail to pull a ticket by removing the setcred flag, which tells me that this is the key component.
A look in the Kerberos PAM documentation says that session performs the same as auth but it runs with the command pam_setcred(PAM_ESTABLISH_CRED) flag, which is what I want. The same documentation says that if I add retain_after_close then the ticket should be retained. However, this is not happening and I'm not even sure it's actually pulling the ticket.
Any help is appreciated, I have tried nearly every combination of flags and parameters in the PAM file as possible but to no avail. Kerberos is a nightmare. LMK what else I can add to help. The log files are not useful unfortunately as they do not log an error due to the fact that PAM "silently fails" if a line is not understood.
Asked by Chris C
(145 rep)
Dec 13, 2017, 11:34 PM
Last activity: Aug 14, 2019, 10:12 PM
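Because a PAM line that is not understood fails without a log entry, a syntax check of the service file is a useful first step. The sketch below is an added example, not part of the original post: it parses the quoted /etc/pam.d/rstudio contents (embedded as a constructed sample), flags lines that do not follow the `type control module [args]` layout, and lists which pam_krb5.so options each management group receives. The function names are hypothetical, and it checks syntax only, not what pam_krb5 does with the options.

```python
import re

# Constructed sample: the /etc/pam.d/rstudio contents quoted in the question.
SAMPLE = """\
#%PAM-1.0
auth required pam_krb5.so retain_after_close debug
session requisite pam_krb5.so retain_after_close debug
account required pam_krb5.so debug
"""

TYPES = {"auth", "account", "password", "session"}
CONTROLS = {"required", "requisite", "sufficient", "optional", "include", "substack"}
# type, control (keyword or [value=action ...] form), module path, arguments
LINE = re.compile(r"^(-?\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)$")

def parse_pam(text):
    """Return (rules, problems) for the contents of a pam.d service file."""
    rules, problems = [], []
    for n, raw in enumerate(text.splitlines(), 1):
        # Simplification: treat every '#' as the start of a comment.
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = LINE.match(line)
        if not m:
            problems.append((n, "needs: type control module [args]"))
            continue
        mtype, control, module, args = m.groups()
        if mtype.lstrip("-") not in TYPES:
            problems.append((n, f"unknown type {mtype!r}"))
        elif not control.startswith("[") and control not in CONTROLS:
            problems.append((n, f"unknown control {control!r}"))
        else:
            rules.append((mtype.lstrip("-"), control, module, args.split()))
    return rules, problems

def options_by_type(rules, module="pam_krb5.so"):
    """Map each management group to the options passed to `module`."""
    out = {}
    for mtype, _control, mod, args in rules:
        if mod.endswith(module):
            out.setdefault(mtype, []).extend(args)
    return out

if __name__ == "__main__":
    rules, problems = parse_pam(SAMPLE)
    for n, why in problems:
        print(f"line {n}: {why}")
    for mtype, opts in options_by_type(rules).items():
        print(f"{mtype:8} pam_krb5.so {' '.join(opts)}")
```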