> If you have a keytab, k5start will do the same thing for non-Heimdal, > but we discourage users from generating keytabs for their personal > accounts....
So I discovered that heimdal's kinit does not have a feature which does this without password or keytab (which really astonished me, because it has a lot of features allready). Look at this example: Here I exeute a command "under heimdal kinit" (1) but if I try to do the same with --renew (2) heimdal kinit ignores the command and renews the tickets in my current cache instead. 1: $ /usr/heimdal-1.2.1/bin/kinit h...@nada.kth.se sh -xc ' klist ; sleep 30 ; klist' h...@nada.kth.se's Password: + klist Ticket cache: FILE:/tmp/krb5cc_O38B1t Default principal: h...@nada.kth.se Valid starting Expires Service principal 07/07/09 11:20:08 07/07/09 21:20:08 krbtgt/nada.kth...@nada.kth.se 07/07/09 11:20:08 07/07/09 21:20:08 a...@nada.kth.se 07/07/09 11:20:08 07/07/09 21:20:08 afs/pdc.kth...@nada.kth.se + sleep 30 + klist Ticket cache: FILE:/tmp/krb5cc_O38B1t Default principal: h...@nada.kth.se Valid starting Expires Service principal 07/07/09 11:20:08 07/07/09 21:20:08 krbtgt/nada.kth...@nada.kth.se 07/07/09 11:20:08 07/07/09 21:20:08 a...@nada.kth.se 07/07/09 11:20:08 07/07/09 21:20:08 afs/pdc.kth...@nada.kth.se 2: $ /usr/heimdal-1.2.1/bin/kinit --cache=$KRB5CCNAME --renew sh -xc ' klist ; sleep 30 ; klist' #no sh is run Or is there another syntax that would do the trick? Seems I have to read the source.... Harald. _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
