override default credentials cache file location
Greg Hudson
ghudson at MIT.EDU
Thu Oct 14 15:13:09 EDT 2010
On Thu, 2010-10-14 at 06:26 -0400, Zaar Hai wrote:
> I've thought of making default cache location to be
> /var/cars/krb5ccache which will be mounted to RAM, making above
> scenario much harder to execute.
Unfortunately, this appears to be hardcoded:
snprintf(name_buf, name_size, "FILE:/tmp/krb5cc_%ld", (long) getuid());
As Chris Ward points out, $KRB5CCNAME determines the default ccache
location on a per-process basis. If you're using pam_krb5, it will
typically set KRB5CCNAME for the login system, and you should be able to
instruct it to put the ccache somewhere other than /tmp; consult the
pam_krb5 man page on your system for details.
More information about the Kerberos
mailing list