create root cache on boot
Benjamin Kaduk
kaduk at MIT.EDU
Thu May 2 00:45:38 EDT 2013
On Wed, 1 May 2013, steve wrote:
> openSUSE 12.3 with Samba 4.0 KDC
>
> Hi
> Our Linux clients need a root cache available for cifs mounts. I have a
> machine key available on all clients. I've put:
> kinit -k -t /etc/krb5.keytab MACHINE$
> in /etc/init.d/boot.local
> Other commands in boot.local run just fine except for the kinit. I know
> that the network is up and that the KDC is available because sssd uses
> the same machine key to create it's own cache.
Are you sure that the network is up? (What have you done to test?) Do you
have a dependency chart or ordering of your system's init scripts? I
would expect that sssd is starting from something in /etc/init.d/ but your
boot.local is running before that.
Probably you should move that kinit invocation into a dedicated init
script that orders itelf with respect to $network (and also whatever needs
cifs).
> Any ideas as to why the kinit fails in the boot script when other
> commands are OK?
I suspect that the network is not actually up. (N.b. sometimes $network
hvaing completed does not actually mean the network is up.) You could
test by using ping or route or something to test for connectivity in the
same place where your kinit is failing.
-Ben Kaduk
More information about the Kerberos
mailing list