Fedora ticket cache location (was: Keytab-based initiator creds design)

Simo Sorce simo at redhat.com
Thu Jun 7 16:13:00 EDT 2012


On Thu, 2012-06-07 at 13:01 -0700, Russ Allbery wrote:
> Simo Sorce <simo at redhat.com> writes:
> 
> > In Fedora we are already moving the ccache to a standard place in /run,
> > and it is non persistent as that filesystem is a tmpfs.
> 
> I was going to ask about that.  I have a bunch of software that
> manipulates ticket caches, and I'd like to have that do the right thing on
> Fedora and use the correct paths.  However, I don't know how to discover
> that I'm on Fedora, or more generally, how to determine where ticket
> caches should go by default.  (And by this I mean more than just the
> default ticket cache, where I can use the krb5_cc_* interface to get the
> default cache location, but for things like k5start, krenew, or pam-krb5
> that need to create temporary ticket caches.)
> 
> Is there some standard interface that I can use for things like this?

I am not aware of any interface beyond krb5_cc_* and KRBCCNAME env vars.

We've had some proposal to use references in the kernel keyring, but no
firm plans. What kind of interface would you want to see ?

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York



More information about the krbdev mailing list