Linux Daemons and Kerberos Tickets
neelsmail@rediffmail.com
neelsmail at rediffmail.com
Tue Apr 7 09:10:12 EDT 2009
Hi,
I wanted to know whether there are any recommendations regarding
following scenario:
- In order to Linux daemons to be running in kerberos/Active Directory
users' context, a (krbtgt) ticket is needed and is fetched by kinit.
- But this ticket is usually valid for some time depending on user
configuration and it needs to be renewed.
Is there a recommended way of renewing/getting new ticket for the
user?
One of the ways suggested to me was run kinit externally as cronjob
for every user you want every n hours. But that seems dangerous to me.
Putting kinit call to .bashrc sounds good to me but that will fetch
ticket only for default duration. Is there a better way? Or how do
admins do it usually?
Thanks in advance,
-Neel.
More information about the Kerberos
mailing list