diff --git a/src/common/slurm_auth.h b/src/common/slurm_auth.h
index 02111190b43d1c36286437fa85c7e34f07efc043..c1f1ab52708c7729946cfb360cb69aa6fce04ab1 100644
--- a/src/common/slurm_auth.h
+++ b/src/common/slurm_auth.h
@@ -142,7 +142,14 @@ extern int	g_slurm_auth_verify( void *cred, void *hosts, int timeout );
 extern uid_t	g_slurm_auth_get_uid( void *cred );
 extern gid_t	g_slurm_auth_get_gid( void *cred );
 extern int	g_slurm_auth_pack( void *cred, Buf buf );
+
+/*
+ * WARNING!  The returned auth pointer WILL have pointers
+ *           into "buf" so do NOT free "buf" until you are done
+ *           with the auth pointer.
+ */
 extern void	*g_slurm_auth_unpack( Buf buf );
+
 int	g_slurm_auth_print( void *cred, FILE *fp );
 int	g_slurm_auth_errno( void *cred );
 const char *g_slurm_auth_errstr( int slurm_errno );
diff --git a/src/slurmd/common/stepd_api.c b/src/slurmd/common/stepd_api.c
index 26880005804266eace948628b53e98107ef3b64d..d81a8eefaa7bcbe321a264b8534c27da8edf1e7e 100644
--- a/src/slurmd/common/stepd_api.c
+++ b/src/slurmd/common/stepd_api.c
@@ -111,7 +111,8 @@ stepd_signal(step_loc_t step, void *auth_cred, int signal)
 
 	/* pack auth credential */
 	buf = init_buf(0);
-	g_slurm_auth_pack(auth_cred, buf);
+	if (g_slurm_auth_pack(auth_cred, buf) == SLURM_ERROR)
+		error("g_slurm_auth_pack failed!: %m");
 	buf_len = size_buf(buf);
 	debug("buf_len = %d", buf_len);
 
@@ -150,7 +151,8 @@ stepd_signal_task_local(step_loc_t step, void *auth_cred,
 
 	/* pack auth credential */
 	buf = init_buf(0);
-	g_slurm_auth_pack(auth_cred, buf);
+	if (g_slurm_auth_pack(auth_cred, buf) == SLURM_ERROR)
+		error("g_slurm_auth_pack failed!: %m");
 	buf_len = size_buf(buf);
 	debug("buf_len = %d", buf_len);
 
@@ -190,7 +192,8 @@ stepd_signal_container(step_loc_t step, void *auth_cred, int signal)
 
 	/* pack auth credential */
 	buf = init_buf(0);
-	g_slurm_auth_pack(auth_cred, buf);
+	if (g_slurm_auth_pack(auth_cred, buf) == SLURM_ERROR)
+		error("g_slurm_auth_pack failed!: %m");
 	buf_len = size_buf(buf);
 	debug("buf_len = %d", buf_len);
 
@@ -236,7 +239,8 @@ stepd_attach(step_loc_t step, slurm_addr *ioaddr, slurm_addr *respaddr,
 
 	/* pack auth and job credentials */
 	buf = init_buf(0);
-	g_slurm_auth_pack(auth_cred, buf);
+	if (g_slurm_auth_pack(auth_cred, buf) == SLURM_ERROR)
+		error("g_slurm_auth_pack failed!: %m");
 	slurm_cred_pack(job_cred, buf);
 	buf_len = size_buf(buf);
 	debug("buf_len = %d", buf_len);
diff --git a/src/slurmd/slurmd/req.c b/src/slurmd/slurmd/req.c
index d484b0a3208fb9813db03fded5a039eedc221a5b..0e6af2cf16c534c82cb78084ab74fa417c743324 100644
--- a/src/slurmd/slurmd/req.c
+++ b/src/slurmd/slurmd/req.c
@@ -1068,7 +1068,7 @@ _kill_all_active_steps(void *auth_cred, uint32_t jobid, int sig, bool batch)
 		debug2("container signal %d to job %u.%u",
 		       sig, jobid, stepd->stepid);
 		if (stepd_signal_container(*stepd, auth_cred, sig) < 0)
-			debug("kill jobid=%u: %m", jobid);
+			debug("kill jobid=%u failed: %m", jobid);
 	}
 	list_iterator_destroy(i);
 	list_destroy(steps);
@@ -1235,6 +1235,7 @@ _rpc_terminate_job(slurm_msg_t *msg, slurm_addr *cli)
 	int		delay;
 	char           *bgl_part_id = NULL;
 
+	debug("_rpc_terminate_job, uid = %d", uid);
 	/* 
 	 * check that requesting user ID is the SLURM UID
 	 */
diff --git a/src/slurmd/slurmstepd/req.c b/src/slurmd/slurmstepd/req.c
index 32cc1fb6761bf71dcf6eabb46398dd29f6736043..d30719e70bfac36ce75177756e82994c42eb603d 100644
--- a/src/slurmd/slurmstepd/req.c
+++ b/src/slurmd/slurmstepd/req.c
@@ -353,8 +353,11 @@ _handle_signal_process_group(int fd, slurmd_job_t *job)
 	safe_read(fd, get_buf_data(buf), buf_len);
 
 	debug3("  buf_len = %d", buf_len);
-	auth_cred = g_slurm_auth_unpack(buf);
-	free_buf(buf); /* takes care of xfree'ing data as well */
+	if ((auth_cred = g_slurm_auth_unpack(buf)) == NULL) {
+		error("unpack of the auth_cred unsuccessful")
+		rc = EPERM;
+		goto done;
+	}
 
 	/*
 	 * Authenticate the user using the auth credential.
@@ -365,7 +368,7 @@ _handle_signal_process_group(int fd, slurmd_job_t *job)
 		debug("kill req from uid %ld for job %u.%u owned by uid %ld",
 		      (long)uid, job->jobid, job->stepid, (long)job->uid);
 		rc = EPERM;
-		goto done;
+		goto done2;
 	}
 
 	/*
@@ -375,7 +378,7 @@ _handle_signal_process_group(int fd, slurmd_job_t *job)
 		debug ("step %u.%u invalid [jmgr_pid:%d pgid:%u]", 
                        job->jobid, job->stepid, job->jmgr_pid, job->pgid);
 		rc = ESLURMD_JOB_NOTRUNNING;
-		goto done;
+		goto done2;
 	}
 
 	if (killpg(job->pgid, signal) == -1) {
@@ -388,8 +391,10 @@ _handle_signal_process_group(int fd, slurmd_job_t *job)
 			signal, job->jobid, job->stepid, job->pgid);
 	}
 	
-
+done2:
+	g_slurm_auth_destroy(auth_cred);
 done:
+	free_buf(buf); /* takes care of xfree'ing data as well */
 	/* Send the return code */
 	safe_write(fd, &rc, sizeof(int));
 rwfail:
@@ -417,8 +422,11 @@ _handle_signal_task_local(int fd, slurmd_job_t *job)
 	safe_read(fd, get_buf_data(buf), buf_len);
 
 	debug3("  buf_len = %d", buf_len);
-	auth_cred = g_slurm_auth_unpack(buf);
-	free_buf(buf); /* takes care of xfree'ing data as well */
+	if ((auth_cred = g_slurm_auth_unpack(buf)) == NULL) {
+		error("unpack of the auth_cred unsuccessful");
+		rc = EPERM;
+		goto done;
+	}
 
 	/*
 	 * Authenticate the user using the auth credential.
@@ -429,7 +437,7 @@ _handle_signal_task_local(int fd, slurmd_job_t *job)
 		debug("kill req from uid %ld for job %u.%u owned by uid %ld",
 		      (long)uid, job->jobid, job->stepid, (long)job->uid);
 		rc = EPERM;
-		goto done;
+		goto done2;
 	}
 
 	/*
@@ -439,21 +447,21 @@ _handle_signal_task_local(int fd, slurmd_job_t *job)
 		debug("step %u.%u invalid local task id %d", 
 		      job->jobid, job->stepid, ltaskid);
 		rc = SLURM_ERROR;
-		goto done;
+		goto done2;
 	}
 	if (!job->task
 	    || !job->task[ltaskid]) {
 		debug("step %u.%u no task info for task id %d",
 		      job->jobid, job->stepid, ltaskid);
 		rc = SLURM_ERROR;
-		goto done;
+		goto done2;
 	}
 	if (job->task[ltaskid]->pid <= 1) {
 		debug("step %u.%u invalid pid %d for task %d",
 		      job->jobid, job->stepid,
 		      job->task[ltaskid]->pid, ltaskid);
 		rc = SLURM_ERROR;
-		goto done;
+		goto done2;
 	}
 
 	/*
@@ -470,8 +478,10 @@ _handle_signal_task_local(int fd, slurmd_job_t *job)
 			job->task[ltaskid]->pid);
 	}
 	
-
+done2:
+	g_slurm_auth_destroy(auth_cred);
 done:
+	free_buf(buf); /* takes care of xfree'ing data as well */
 	/* Send the return code */
 	safe_write(fd, &rc, sizeof(int));
 rwfail:
@@ -497,8 +507,12 @@ _handle_signal_container(int fd, slurmd_job_t *job)
 	safe_read(fd, get_buf_data(buf), buf_len);
 
 	debug3("  buf_len = %d", buf_len);
-	auth_cred = g_slurm_auth_unpack(buf);
-	free_buf(buf); /* takes care of xfree'ing data as well */
+	if ((auth_cred = g_slurm_auth_unpack(buf)) == NULL) {
+		error("unpack of the auth_cred unsuccessful");
+		rc = -1;
+		errno = EPERM;
+		goto done;
+	}
 
 	/*
 	 * Authenticate the user using the auth credential.
@@ -511,7 +525,7 @@ _handle_signal_container(int fd, slurmd_job_t *job)
 		      (long)uid, job->jobid, job->stepid, (long)job->uid);
 		rc = -1;
 		errno = EPERM;
-		goto done;
+		goto done2;
 	}
 
 	/*
@@ -522,7 +536,7 @@ _handle_signal_container(int fd, slurmd_job_t *job)
 			job->jobid, job->stepid, job->cont_id);
 		rc = -1;
 		errno = ESLURMD_JOB_NOTRUNNING;
-		goto done;
+		goto done2;
 	}
 
 	if (slurm_container_signal(job->cont_id, signal) < 0) {
@@ -535,7 +549,10 @@ _handle_signal_container(int fd, slurmd_job_t *job)
 			signal, job->jobid, job->stepid);
 	}
 
+done2:
+	g_slurm_auth_destroy(auth_cred);
 done:
+	free_buf(buf); /* takes care of xfree'ing data as well */
 	/* Send the return code and errno */
 	safe_write(fd, &rc, sizeof(int));
 	safe_write(fd, &errno, sizeof(int));
@@ -567,16 +584,19 @@ _handle_attach(int fd, slurmd_job_t *job)
 	safe_read(fd, get_buf_data(buf), buf_len);
 
 	debug3("buf_len = %d", buf_len);
-	auth_cred = g_slurm_auth_unpack(buf);
+	if ((auth_cred = g_slurm_auth_unpack(buf)) == NULL) {
+		error("unpack of the auth_cred unsuccessful");
+		rc = EPERM;
+		goto done;
+	}
 	job_cred = slurm_cred_unpack(buf);
-	free_buf(buf); /* takes care of xfree'ing data as well */
 
 	/*
 	 * Check if jobstep is actually running.
 	 */
 	if (job->state != SLURMSTEPD_STEP_RUNNING) {
 		rc = ESLURMD_JOB_NOTRUNNING;
-		goto done;
+		goto done2;
 	}
 
 	/*
@@ -590,7 +610,7 @@ _handle_attach(int fd, slurmd_job_t *job)
 				(long) uid, job->jobid, job->stepid,
 				(long) job->uid);
 		rc = EPERM;
-		goto done;
+		goto done2;
 	}
 
 	/*
@@ -602,7 +622,10 @@ _handle_attach(int fd, slurmd_job_t *job)
 	list_prepend(job->sruns, (void *) srun);
 
 	rc = io_client_connect(srun, job);
+done2:
+	g_slurm_auth_destroy(auth_cred);
 done:
+	free_buf(buf); /* takes care of xfree'ing data as well */
 	/* Send the return code */
 	safe_write(fd, &rc, sizeof(int));