Jaap Winius <[email protected]> writes: > Excellent! My new k5start command, which can be executed as root, looks > like this:
> k5start -U -f /etc/krb5.keytab -b -K 10 -l 24h \ > -k /tmp/krb5cc_105 -o openldap > I also found out that the name of the credential cache (/tmp) file is > not arbitrary. In particular, the file name must end with the UID number > of the user that it's for, in my case the openldap user with UID=105. At > least, that's the way it works on Debian lenny. It's arbitrary *if* you set KRB5CCNAME to point to the ticket cache. Otherwise, yes, you want to make it match the default ticket cache name. > Incidentally, with kstart 3.15, if the -o flag is used without -k, a > segfault and a core dump will be the result. Yeah, will be fixed in 3.16. Sorry about that. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
