--On Friday, April 06, 2012 5:15 PM +0000 Viktor Dukhovni
<postfix-us...@dukhovni.org> wrote:
On Fri, Apr 06, 2012 at 04:47:37PM +0300, Eray Aslan wrote:
On 2012-04-06 2:12 AM, Viktor Dukhovni wrote:
> The basic idea is to
> ensure that there is always a ticket in the client's credential
> cache. This is done via a cron-job that runs "kinit -k ..." once
> an hour.
kstart/krenew should be able to do the work as well. Is there any
particular reason one would go the cron route?
http://www.eyrie.org/~eagle/software/kstart/
The cron solution is much simpler and more robust. There is no
supervisor process running, no need for the child to not exit, no
need to instrument postfix start-up by wrapping in kstart, ...
Instead, there is a credential-cache on the system that is always
unexpired, whether Postfix is still running or not. I used
Which is the whole purpose behind k[5]start too.
From the web page:
k5start is a modified version of kinit that can use keytabs to
authenticate, can run as a daemon and wake up periodically to refresh a
ticket, and can run single commands with their own authentication
credentials and refresh those credentials until the command exits.
When I worked at Stanford, it was an extremely useful utility.
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
