On Mon, 06 Jul 2009 16:30:17 +0200 Lars Schimmer <l.schim...@cgv.tugraz.at> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi! > > One of our users try to run a job longer than usual tokens runtime. > Keeping a ssh open for that long time is not wanted. > We use a Win 2003 AD server as a krb5 KDC and krenew just hits > "krenew: error renewing credentials: KDC can't fulfill requested > option". And if I login as user, hit a screen command, the screen > process has ticket/tokens like login user. I can detach and reattach > screen like usual. But if I detach screen and logoff, ticket/tokens > for the running screen are lost. > > How can I run a long time job on linux in screen without tokens get > lost? Are tickets/tokens being destroyed as part of logging off? (Either in the shell logout scripts, or perhaps something in PAM.) Does the screen session have a PAG? I usually either temporarily disable destroying credentials on logoff, or acquire a new PAG and change KRB5CCNAME before creating a screen session. -- Andrew Deason adea...@sinenomine.net _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info
