Inittab launching K5start too soon
Nico Williams
nico at cryptonector.com
Thu May 12 13:58:00 EDT 2011
On Thu, May 12, 2011 at 10:56 AM, Russ Allbery <rra at stanford.edu> wrote:
> I was thinking of NFS mounts with system credentials, where you have to
> get the ordering between the network, k5start, and the NFS mount correct.
> But it sounds like I was borrowing trouble you don't have. :)
Really, what should happen is that mech_krb5's gss_init_sec_context()
automatically gets a TGT using a keytab if there's a keytab available.
Solaris' implementation does that, though sadly it only does it for
processes running as root.
Nico
--
More information about the Kerberos
mailing list