Renewable ticket ?
Nicolas Williams
nmw at ubsw.com
Wed May 8 09:32:24 EDT 2002
I have added an option, -E, to klist here which causes klist to print
the number of seconds left to TGT expiry and the number of seconds left
to TGT renewal limit - as with -s, exit status is set to 0 if there's a
valid TGT for the given ccache's default principal, 1 otherwise.
With this one can write a script to check all ccaches, renew the
renewable ones which would expire soon, warn users about ccaches that
can't be renewed and then wait a reasonable amount of time before
starting again. And if a ccache's user is no longer logged in then you
can even let the tickets therein lapse.
I can post the klist diff if you wish. The rest is upto you.
Nico
On Wed, May 08, 2002 at 12:35:54PM +0200, Marc wrote:
> Nils Olav Selåsdal wrote:
>
> >
> >>-----Original Message-----
> >>From: kerberos-admin at mit.edu [mailto:kerberos-admin at mit.edu]
> >>On Behalf Of Marc
> >>Sent: Wednesday, May 08, 2002 10:03 AM
> >>To: kerberos at mit.edu
> >>Subject: Renewable ticket ?
> >>
> >>
> >>Hello,
> >>
> >>Is it somehow possible to make a ticket auto renewable ? What
> >>I mean is
> >>when I log in I get my ticket and then when the ticket
> >>expires I don't
> >>need to manually do a kinit to get a new ticket.
> >>
> >>I had a look in Kerberos V5 System administrator's guide but found
> >>nothing, no renewable option or something like that which I
> >>could use in
> >>krb5.conf.
> >>
> >>Any ideas ?
> >>
> > Make a cron or at job that does it for you.
> >
> > ________________________________________________
> > Kerberos mailing list Kerberos at mit.edu
> > http://mailman.mit.edu/mailman/listinfo/kerberos
> >
> >
>
> Well that is fine in a single user workstation case but how do you cope
> with a multi-user system ??
>
> Regards
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> http://mailman.mit.edu/mailman/listinfo/kerberos
Visit our website at http://www.ubswarburg.com
This message contains confidential information and is intended only
for the individual named. If you are not the named addressee you
should not disseminate, distribute or copy this e-mail. Please
notify the sender immediately by e-mail if you have received this
e-mail by mistake and delete this e-mail from your system.
E-mail transmission cannot be guaranteed to be secure or error-free
as information could be intercepted, corrupted, lost, destroyed,
arrive late or incomplete, or contain viruses. The sender therefore
does not accept liability for any errors or omissions in the contents
of this message which arise as a result of e-mail transmission. If
verification is required please request a hard-copy version. This
message is provided for informational purposes and should not be
construed as a solicitation or offer to buy or sell any securities or
related financial instruments.
More information about the Kerberos
mailing list