Implementaion of KCM funtionality for MIT Kerberos
Rajasekaran Nagarajan
rnagarajan at novell.com
Sun Dec 4 23:44:45 EST 2005
Jeff is right. And, i don't think keyring has the support for binary
secrets.
Thanx...
Regards - Raj
>>> Jeffrey Hutzelman <jhutz at cmu.edu> 12/02/05 8:41 am >>>
On Sunday, November 20, 2005 02:50:42 PM - 0500 Sam Hartman
<hartmans at mit.edu> wrote:
> One problem with the kcm approach is that I'm not sure it will work
> well with the linux keyring cache type that umich has been planning
to
> donate.
>
>
> I'm not sure how well keyring access would work for a process trying
> to renew credentials that is not running as part of the session
> involved.
I don't think that's actually a problem.
As I understand it, credentials managed by KCM are kept one of multiple
private caches owned by the system- wide daemon, and accessed via a
ccache
backend which communications with the daemon via some suitable IPC
mechanism (socket, door, etc).
-- Jeff
More information about the krbdev
mailing list