* Juha Jäykkä [2006-01-13 09:05:09 +0200]:
> As what comes to kinit, its not setting the pag is a surprise to me after
> all the praise of Heimdal's supposedly good integration with AFS.
Sometimes you want to start a new PAG, and sometimes you want to add or
refresh credentials in your current PAG.
Actually, Heimdal kinit will start a new PAG when given an explicit
command to run; try
kinit <your-principal> id
and compare the PAG you get with that of the parent process.
I also like it that Heimdal's pagsh (kpagsh, in Debian) will generate
a new KRB5CCNAME, so that a subsequent kinit will not clobber the Kerberos
ccache of the parent process. OpenAFS's pagsh shouldn't (and doesn't) do
that since OpenAFS tries to be agnostic about where the tokens come from
(it doesn't have to be Kerberos 5).
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info
