Static ticket cache name

Techie techchavez at gmail.com
Wed Nov 10 18:15:20 EST 2010


On Wed, Nov 10, 2010 at 3:20 PM, Russ Allbery <rra at stanford.edu> wrote:
> Techie <techchavez at gmail.com> writes:
>
>> Yes I am using yours actually, it comes with Debian.
>
>> I tried this in the session and auth pam stacks.
>
>> pam_krb5.so ccache=file:/tmp/krb5cc_2345
>
>> Is this syntax incorrect?
>
> I believe the type has to be in all caps if one wants to provide the type,
> so use either:
>
>    ccache=/tmp/krb5cc_2345
>
> or:
>
>    ccache=FILE:/tmp/krb5cc_2345
I tried both no success.
>
> The session stack is the place where you would need to configure this.  If
> that still doesn't work, could you provide more information about exactly
> how it doesn't work?  (Do logins fail, do logins succeed but you get a
> different ticket cache name, etc.)
Right I put this in the common-session file only now no more common-auth.
I can indeed login with pam_krb5 but it creates the ticket cache as
/tmp/krb5cc_$UID_randomstring like this
/tmp/krb5cc_23542_Cdk2d0. which I believe is the default behavior.

So it looks like it is not honouring the pam argument I put in
common-session. I tried both through sshd and gnome and both use
common-session.
I turned on debugging by appending the debug arg to the end of
pam_krb5.so line in common-session but no success.
It must be something simple I am missing.

Thanks again
>
> --
> Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>
>




More information about the Kerberos mailing list