ccache using linux keyring
hartmans at MIT.EDU
Fri Apr 15 14:16:05 EDT 2005
>>>>> "Kevin" == Kevin Coffman <kwc at citi.umich.edu> writes:
Kevin> I will keep the support for multiple ccache keyrings within
Kevin> a session. So I do need a key to help me (gssd) find the
Kevin> correct ccache keyring. (Because gssd will not have the
Kevin> user's environment variables.) The ccache implementation
Kevin> will still use the environment variable -- actually
Kevin> whatever name is passed down as "<residual>" -- to locate
Kevin> the ccache to use.
You should take a look at how CCAPI and KFM deal with this. There is
a command line utility called kswitch which will change the CCAPI
default cache. I think we may want to have the same utility or at
least one with the same interface on Linux.
You should coordinate this part of the work with Jeff Altman and
Kevin> The naming of the individual keys within the ccache keyring
Kevin> is not important to the ccache implementation as I have it.
Kevin> It uses the keys' serial numbers, not their names, to find
Kevin> them. The naming would only be important if future kernel
Kevin> code was written to locate a specific key for some reason.
Kevin> I can add enctype info to the name. Is there any other
Kevin> naming distinctions that might be useful?
The concern is that as new distinguishers are added to tickets new
things may need to be added to the name. So I'm not sure the name
will ever be useful.
More information about the krbdev