[Freeipa-devel] [PATCHES 0015-0019] changes to the way host TGT is obtained using keytab
Petr Vobornik
pvoborni at redhat.com
Fri Mar 6 13:21:50 UTC 2015
On 03/06/2015 01:05 PM, Martin Babinsky wrote:
> This series of patches for the master/4.1 branch attempts to implement
> some of the Rob's and Petr Vobornik's ideas which originated from a
> discussion on this list regarding my original patch fixing
> https://fedorahosted.org/freeipa/ticket/4808.
>
> I suppose that these patches are just a first iteration, we may further
> discuss if this is the right thing to do.
>
> Below is a quote from the original discussion just to get the context:
>
The original kinit_hostprincipal had `ccachedir` argument, the new one
has `ccache_name`. But the new code still prepends FILE ccache type:
old: ccache_file = 'FILE:%s/ccache' % ccachedir
new: ccache_file = 'FILE:%s' % ccache_name
I would remove the line because I understand the use of 'ccache_name'
name as equivalent of KRB5CCNAME and therefore I would expect that the
value of this argument would be used to set the environment variable
WITHOUT any modification. And mainly, user is limited only to FILE
ccache type.
I also wonder if
os.environ['KRB5CCNAME'] = ccache_file
has to be set when ccache is defined by krbV call:
ccache = krbV.CCache(name=ccache_file, ...
krbV snipped doesn't use it so maybe we can remove it.
https://git.fedorahosted.org/cgit/python-krbV.git/tree/krbV-code-snippets.py
--
Petr Vobornik
More information about the Freeipa-devel
mailing list