kinit error with systemd

steve steve at steve-ss.com
Mon Oct 7 04:16:31 EDT 2013


On Sun, 2013-10-06 at 12:37 -0400, Greg Hudson wrote:
> On 10/06/2013 06:18 AM, steve wrote:
> > Thanks. It works fine. Just a pity that something like this had to
> > change. It worked fine when the cache was create in /tmp.
> 
> The upstream default is still /tmp/krb5cc_%{uid}.  In 1.11 we added the 
> ability to change the default ccache name, either at build time or in 
> /etc/krb5.conf.  I wasn't aware that OpenSUSE had started doing this in 
> their build, but it's not entirely surprising given that they use 
> systemd.  You should be able to change it back in krb5.conf if you prefer:
> 
>      [libdefaults]
>          default_ccache_name = /tmp/krb5cc_%{uid}
> 
> We're aware of the unfortunate corner cases which result from using a 
> systemd per-user temporary directory as the default.  For 1.12, Simo 
> Sorce and I have done some work on the KEYRING ccache type which, in 
> combination with some new kernel features, should make it a reasonable 
> choice for a per-user default.  Obviously, that only helps on Linux, so 
> we don't consider it a complete solution.  In the longer term, we hope 
> to introduce a daemon-backed ccache type (like Kerberos for Window's 
> CCAPI or Heimdal's KCM) which can work on all Unix-like platforms.
> 

Hi
Thanks for the info. I don't know whether openSUSE have this in mind but
your solution does indeed solve the problem.

I wonder if systemd has an official way of doing this? To try and get an
official openSUSE slant on this, we've opened a bugzilla:
https://bugzilla.novell.com/show_bug.cgi?id=844198




More information about the Kerberos mailing list