> If you have a keytab, k5start will do the same thing for non-Heimdal, > but we discourage users from generating keytabs for their personal > accounts....
So I discovered that heimdal's kinit does not have a feature which does this without password or keytab (which really astonished me, because it has a lot of features allready). Look at this example: Here I exeute a command "under heimdal kinit" (1) but if I try to do the same with --renew (2) heimdal kinit ignores the command and renews the tickets in my current cache instead. 1: $ /usr/heimdal-1.2.1/bin/kinit [email protected] sh -xc ' klist ; sleep 30 ; klist' [email protected]'s Password: + klist Ticket cache: FILE:/tmp/krb5cc_O38B1t Default principal: [email protected] Valid starting Expires Service principal 07/07/09 11:20:08 07/07/09 21:20:08 krbtgt/[email protected] 07/07/09 11:20:08 07/07/09 21:20:08 [email protected] 07/07/09 11:20:08 07/07/09 21:20:08 afs/[email protected] + sleep 30 + klist Ticket cache: FILE:/tmp/krb5cc_O38B1t Default principal: [email protected] Valid starting Expires Service principal 07/07/09 11:20:08 07/07/09 21:20:08 krbtgt/[email protected] 07/07/09 11:20:08 07/07/09 21:20:08 [email protected] 07/07/09 11:20:08 07/07/09 21:20:08 afs/[email protected] 2: $ /usr/heimdal-1.2.1/bin/kinit --cache=$KRB5CCNAME --renew sh -xc ' klist ; sleep 30 ; klist' #no sh is run Or is there another syntax that would do the trick? Seems I have to read the source.... Harald. _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
