>Anyway, I checked the krb5 sources, and it is defined in >lib/krb5/ccache/cc_keyring.c: > > /* > * Keyring name prefix and length of random name part > */ > #define KRCC_NAME_PREFIX "krb_ccache_" > #define KRCC_NAME_RAND_CHARS 8
My reading of the code is that random cache name is only used _if_ you call the function krb5_cc_gen_new(), which suggests to me that pam_sss or something pam_sss is calling is explicitly doing that (most Kerberos programs simply call krb5_cc_default() which should result in it taking a compiled-in default or whatever you specify in krb5.conf). --Ken _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
