On Sun, 2013-04-28 at 13:31 +0200, steve wrote: > On 04/27/2013 07:54 PM, Lukas Slebodnik wrote: > > On (27/04/13 19:44), steve wrote: > >> On 27/04/13 17:39, Simo Sorce wrote: > >>> On Sat, 2013-04-27 at 10:46 +0200, steve wrote: > >>>> On 27/04/13 03:54, Simo Sorce wrote: > >>>>> On Sat, 2013-04-27 at 00:44 +0200, steve wrote: > >>>>>> Hi > >>>>>> 1.9.4 Ubuntu 13.04 > >>>>>> > >>>>>> We have this in sssd.conf: > >>>>>> > >>>>>> ldap_sasl_mech = gssapi > >>>>>> ldap_sasl_authid = HH16$ > >>>>>> ldap_krb5_keytab = /etc/krb5.keytab > >>>>>> ldap_krb5_init_creds = true > >>>>>> > >>>>>> but no krb5cc_xxxx file appears in /tmp when we start sssd > >>>>>> > >>>>>> This works OK with openSUSE with te same config. > >>>>>> > >>>>>> How can we get sssd to produce the cache file as expected? > >>>>> The ccache file for sssd itself is in /var/lib/sss/db/ccache_<REALM> > >>>>> > >>>>> Simo. > >>>>> > >>>>> Hi > >>>>> Thanks, but: > >>>>> klist -k ccache_HH3.SITE > >>>>> Keytab name: FILE:ccache_HH3.SITE > >>> this is ^^not^^ a keytab (-k) it's a ccache. > >>> Just do klist ccache_HH3.SITE > >> Yes. I feel so stupid. It's not recognised though. Other apps expect > >> it to be under /tmp and be called krb5cc_0 > > If you want to store credential caches in /tmp, > > you should override default value of variable krb5_ccachedir. > > > > On fedora 18 default value of krb5_ccachedir is "/run/user/%U" > > > > Look to "man sssd-krb5" for detailed description. > > > > LS > > > Hi > OK, I changed sssd conf to this: > > ldap_sasl_mech = gssapi > ldap_sasl_authid = DOLORESDC$ > krb5_ccachedir = /tmp > ldap_krb5_keytab = /etc/krb5.keytab > krb5_ccname_template = FILE:%d/krb5cc_%U_XXXXXX > ldap_krb5_init_creds = true
These options are only for user caches. Not for sssd's own machine ccache > I expect to get a cache at: > /tmp/krb5cc_0 > > But I don't. Instead, the cache appears at > /var/lib/sss/db/ccache_DOLORES.SITE. I've tried %u instead of %U. Do I > have the correct syntax? The syntax is correct, but will not affect the machine ccache. It's path is hard coded to /var/lib/sss/db/ccache_<REALM> Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
