[Samba] FILE:/tmp/krb5cc_500 naming conventions
Andrew Bartlett
abartlet at samba.org
Sun Sep 10 20:11:00 UTC 2023
On Fri, 2023-09-08 at 07:12 +0100, Rowland Penny via samba wrote:
> I think you may be missing my point. The OP runs kinit to get a
> ticket
>
> for Administrator:
>
>
>
> [
> user at dc.aaa.bbb
> ~]$ kinit administrator
>
>
>
> Presumably the 'dc' in dc.aaa.bbb' means they are doing this on a
> Samba
>
> AD DC
>
>
>
> The ticket is created here:
>
>
>
> Ticket cache: FILE:/tmp/krb5cc_500
>
>
>
> Now, as this a DC, I would not expect to see 500, but a number in the
>
> '3000000' range, unless the OP has given their user a uidNumber, in
>
> which case, why use '500' ? A number that just happens to be
>
> Administrators RID.
The 500 is the local unix id of the kinit process, nothing to do with
AD. It is named to avoid clashes. If MIT Kerberos was being built
today, it would have been a totally random string and would not be in
/tmp, but that is what was done at the time this software was built.
Andrew Bartlett
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead https://catalyst.net.nz/services/samba
Catalyst.Net Ltd
Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group
company
Samba Development and Support: https://catalyst.net.nz/services/samba
Catalyst IT - Expert Open Source Solutions
More information about the samba
mailing list