On 12/02/2015 11:56 AM, Sumit Bose wrote:
On Wed, Dec 02, 2015 at 11:37:04AM +0100, Jakub Hrozek wrote:On Wed, Dec 02, 2015 at 11:30:22AM +0100, Sumit Bose wrote:On Wed, Dec 02, 2015 at 07:48:59AM -0000, olle Hansson wrote:Hi all,I've noticed that tickets do not get renewed if the user logs out. Is this intentional even if the ticket cache is stored in the user home? If so is there any way to make sssd renew tickets even for users who no longer have a session open on the server so they can run cron jobs etc?yes, this is intentional. SSSD checks if there is still a process of the user running on the system before renewing a ticket. If a put a 'sleep 999999' in the background before you log out SSSD should try renew the ticket while you are not logged in.Would this work also in systemd with systemd-logind? I thought we switched to checkig if there is a session instead (but I also remember there were some concerns over sudo and su not being treated as opening a session, so I don't remember what the outcome was..)yes, but in the case the user was not found by sd_uid_get_sessions() we fall back to crawl through /proc.
Hi Sumit,cool, that is nice. I tried to use this renew-feature for logged out users some time ago, and it did not work as expected.
Do you happen to know as of which version it should work as you describe? Thank you, Joschi
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ sssd-users mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected]
