[Bug 187485] Doesn't seem to renew TGT after it has expired
bugzilla at redhat.com
bugzilla at redhat.com
Wed Jun 24 23:37:25 UTC 2009
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=187485
--- Comment #28 from Bojan Smojver <bojan at rexursive.com> 2009-06-24 19:37:19 EDT ---
Another interesting test with pam_krb5. It provides a little test program
called harness in the src directory, which exercises pam_krb5 machinery. When
this program is run like this:
src/harness --auth --setcred-reinitialize
It will actually reissue the ticket if KRB5CCNAME is set to the correct
credentials cache file (usuallly /tmp/krb5cc_`id -u`). If that environment
variable is not set, nothing happens to the ticket.
I have no idea why gnome-screensaver has no luck doing that when KRB5CCNAME is
set, given it's essentially using the same PAM API calls. Weird...
BTW, this should work even when KRB5CCNAME is _not_ set in pam_krb5: default
ticket should be reinitialised by default. I'll try to contact pam_krb5
developer to see if it can be changed.
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the fedora-triage-list
mailing list