no renewable flag in krb5.conf ?

Guillaume Rousse Guillaume.Rousse at inria.fr
Tue Apr 27 04:07:20 EDT 2010


Le 13/04/2010 20:23, Russ Allbery a écrit :
> I assume that you're using my PAM module here, since I think it's the only
> one that looks at [appdefaults].pam.  (I could be wrong, though; maybe the
> Red Hat one does as well.)  Anyway, for mine, you want to use
> renew_lifetime, not renewable:
> 
>    renew_lifetime=<lifetime>
>        Obtain renewable tickets with a maximum renewable lifetime of
>        <lifetime>.  <lifetime> should be a Kerberos lifetime string such
>        as "2d4h10m" or a time in minutes.  If set, this overrides the
>        Kerberos library default set in the [libdefaults] section of
>        krb5.conf.
> 
>        This option can be set in krb5.conf and is only applicable to the
>        auth group.
I forgot to thanks both of you for this answer, due to hollidays. It
works like a charm now.

-- 
BOFH excuse #436:

Daemon escaped from pentagram



More information about the Kerberos mailing list