Re: [PATCH] Add "-e" option to rpc.gssd to allow error on ticketexpiry

From: John Hughes
Date: Fri Nov 18 2011 - 08:51:32 EST

Next message: Alessandro Rubini: "[PATCH V2 2/2] usb: dwc3: use debugfs_print_regs32()"
Previous message: Steven Rostedt: "Re: tracing vs. string formatting"
In reply to: Steve Dickson: "Re: [PATCH] Add "-e" option to rpc.gssd to allow error on ticketexpiry"
Next in thread: John Hughes: "Re: [PATCH] Add "-e" option to rpc.gssd to allow error on ticketexpiry"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 18/11/11 14:44, Steve Dickson wrote:

I think the answer to all this is have the ticket
renewed before it expires. There is a daemon call sssd
that is part of the FreeIPA project that will supposedly
do that for us... I'm looking into it...

You can only renoew the ticket before it expires if it hasn't yet expired.

Imagine this case:

I go home for the evening.

The screensaver kicks in.

The machine suspends to ram.

The ticket expires. Yes, it was renewable but nobody could renew it because they were asleep.

I come back the next morning, hit a key, the unlock screen pops up, I enter my password, pam_krb5 gets a new ticket.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alessandro Rubini: "[PATCH V2 2/2] usb: dwc3: use debugfs_print_regs32()"
Previous message: Steven Rostedt: "Re: tracing vs. string formatting"
In reply to: Steve Dickson: "Re: [PATCH] Add "-e" option to rpc.gssd to allow error on ticketexpiry"
Next in thread: John Hughes: "Re: [PATCH] Add "-e" option to rpc.gssd to allow error on ticketexpiry"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]