kerberos ticket renew_lifetime
Alastair Neil
ajneil at gmail.com
Fri Aug 5 18:18:44 UTC 2005
I have a strange issue, when I list my tickets with klist I see:
> [ajn at island ~]$ klist -5f
> Ticket cache: FILE:/tmp/krb5cc_500_r3BZ6k
> Default principal: ajn at ITE.GMU.EDU
>
> Valid starting Expires Service principal
> 08/05/05 14:08:16 08/06/05 14:08:16 krbtgt/ITE.GMU.EDU at ITE.GMU.EDU
> renew until 08/05/05 14:08:16, Flags: FRI
> 08/05/05 14:08:22 08/06/05 14:08:16 host/kdc1.ite.gmu.edu at ITE.GMU.EDU
> renew until 08/05/05 14:08:16, Flags: FRT
>
>
note that the renew until time is the same as the starting time. This
effectivly makes the tickets unrenewable.
I have tried setting renew_lifetime in the libdefaults in krb5.conf but it
seems to make no difference:
[libdefaults]
> default_realm = ITE.GMU.EDU <http://ITE.GMU.EDU>
> dns_lookup_realm = false
> dns_lookup_kdc = false
> ticket_lifetime = 24h
> renew_lifetime = 24h
> forwardable = yes
>
anyone got any suggestions?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050805/42a63e2d/attachment-0001.htm>
More information about the fedora-list
mailing list