[PATCHSET] add support for DIR: based credential caches
Jeremy Allison
jra at samba.org
Tue Jul 23 16:48:00 MDT 2013
On Tue, Jul 23, 2013 at 03:31:08PM +0200, Guenther Deschner wrote:
> Hi Jeremy,
>
> On 22/07/13 21:57, Jeremy Allison wrote:
> > On Mon, Jul 22, 2013 at 02:03:44PM +0200, Guenther Deschner wrote:
> >> Hi,
> >>
> >> attached find some patches to add support for DIR: based krb5
> >> credential caches in kerberized pam_winbind logons. The
> >> pam_winbind.conf configuration file now also allows to define
> >> custom patterns for DIR: and FILE: paths including numeric uid
> >> substitution using "%u".
> >
> > This:
> >
> >> + if (strequal(type, "DIR")) { +
> >> gen_cc = talloc_asprintf( + mem_ctx,
> >> "DIR:/run/user/%d/krb5cc", uid); + }
> >
> > Looks rather Linux-only'ish :-).
> >
> > Is there an alternative/parameterization for other systems ?
>
> What do you mean ? The patchset also includes code to allow things
> like "krb5_ccache_type = DIR:/any/other/directory/%u/ccache" in
> /etc/security/pam_winbind.conf.
>
> Should we make the shortcut via just "DIR" also changeable via configure ?
Nah, I'm good with it.
Cheers,
Jeremy.
More information about the samba-technical
mailing list