[PATCH] krb5 ticket refresh chain

boyang boyang at suse.de
Mon Jan 5 08:55:35 GMT 2009 

boyang wrote:
> Stefan (metze) Metzmacher wrote:
>   
>> Hi BoYang,
>>
>>   
>>     
>>>      nautilus and smbspool rely on krb5 ticket to connect to servers,
>>> therefore, it can locks account when krb5 ticket expires. The
>>> recommended question here is destroying krb5 ticket in case that it can
>>> be expired and renew/rekinit it when possible. We handle errors such as
>>> KRB5_REALM_CANT_RESOLVE, KRB5_AP_ERR_TKT_EXPIRED or KRB5_FCC_NOFILE to
>>> make krb5 ticket refresh chain more robust.
>>>     When we cannot renew/rekinit ticket, or login in cache mode, destroy
>>> krb5 ticket and try to renew/rekinit it later when KDC available. when
>>> krb5 ticket expired, we rekinit it if it is possible.
>>>     Patches are in the attachment, thanks!
>>>     
>>>       
>> I'm currently rewriting this to avoid set_event_dispatch_time() and
>> cancel_named_event(), as both only work on the first event with the
>> given name.
>>   
>>     
> Yep. I have changed cancel_named_event() to cancel all events with the
> name event_name instead of just canceling the first one.  but it is not
> post the list yet. The problem I didn't notice is that
> set_event_dispatch_time() does the same thing. :-)
>   
>> You can find my work in progress here:
>> http://gitweb.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master3-tevent2
>>
>> It would be nice if you could help me to rebase my changes on top of
>> your patches or rewrite your changes based on the ideas in my changes.
>>   
>>     
> Yep. I'm doing it right now. I'll look at your work and rewrite my
> changes. But my winbind is keeping killing idmap child and Local Sam(not
> sure about the name, the child for the domain with the local netbios
> name.:-)) no idea, still investigate it.
>   
>> As I have no setup to really test my changes.
>>     
Ok. It looks like easier to rewrite my changes on the top of your
changes. :-)
>> metze
>>
>>   
>>     
>
>   

-------------- next part --------------
A non-text attachment was scrubbed...
Name: boyang.vcf
Type: text/x-vcard
Size: 187 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20090105/b628713a/boyang.vcf

More information about the samba-technical mailing list