I am trying to add k5start to a custom vos routine to automate dump/restore.
My current solution is a traditional klist/kinit/aklog, but has a problem with the tokens timing out before a large (multi-day) job can complete. I want to use a shared credential cache to reduce the traffic to the kerberos server (thousands and thousands of backup jobs with say one kinit/day). When I use the -k ccache option it appears that each job simply overwrites the cchache file. Without out it, each job appears to keep it's own/private ccache data. I suppose this makes sense since k5start needs to know when to renew tickets/tokens based on when each job starts when run with the command option. Is there a way to use k5start to achieve what I am after - shared ccache for many jobs to keep kerberos server traffic down - allow long running jobs to continue beyond their initial aklog renewal date If I ran k5start as a daemon and managed periodic aklog's within my application, would that work? -- This message is NOT encrypted -------------------------------- Mr. Kristen J. Webb Chief Technology Officer Teradactyl LLC. 2450 Baylor Dr. S.E. Albuquerque, New Mexico 87106 Phone: 1-505-338-6000 Email: kw...@teradactyl.com Web: http://www.teradactyl.com Providers of Scalable Backup Solutions for Unique Data Environments -------------------------------- NOTICE TO RECIPIENTS: Any information contained in or attached to this message is intended solely for the use of the intended recipient(s). If you are not the intended recipient of this transmittal, you are hereby notified that you received this transmittal in error, and we request that you please delete and destroy all copies and attachments in your possession, notify the sender that you have received this communication in error, and note that any review or dissemination of, or the taking of any action in reliance on, this communication is expressly prohibited. Regular internet e-mail transmission cannot be guaranteed to be secure or error-free. Therefore, we do not represent that this information is complete or accurate, and it should not be relied upon as such. If you prefer to communicate with Teradactyl LLC. using secure (i.e., encrypted and/or digitally signed) e-mail transmission, please notify the sender. Otherwise, you will be deemed to have consented to communicate with Teradactyl via regular internet e-mail transmission. Please note that Teradactyl reserves the right to intercept, monitor, and retain all e-mail messages (including secure e-mail messages) sent to or from its systems as permitted by applicable law ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos