no renewable flag in krb5.conf ?
Guillaume Rousse
Guillaume.Rousse at inria.fr
Tue Apr 27 04:07:20 EDT 2010
Le 13/04/2010 20:23, Russ Allbery a écrit :
> I assume that you're using my PAM module here, since I think it's the only
> one that looks at [appdefaults].pam. (I could be wrong, though; maybe the
> Red Hat one does as well.) Anyway, for mine, you want to use
> renew_lifetime, not renewable:
>
> renew_lifetime=<lifetime>
> Obtain renewable tickets with a maximum renewable lifetime of
> <lifetime>. <lifetime> should be a Kerberos lifetime string such
> as "2d4h10m" or a time in minutes. If set, this overrides the
> Kerberos library default set in the [libdefaults] section of
> krb5.conf.
>
> This option can be set in krb5.conf and is only applicable to the
> auth group.
I forgot to thanks both of you for this answer, due to hollidays. It
works like a charm now.
--
BOFH excuse #436:
Daemon escaped from pentagram
More information about the Kerberos
mailing list