[36411] in Kerberos
Re: Multiple principals from different realms via kinit?
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Aug 28 11:53:26 2014
Message-ID: <53FF5054.5050800@mit.edu>
Date: Thu, 28 Aug 2014 11:52:52 -0400
From: Greg Hudson <ghudson@mit.edu>
MIME-Version: 1.0
To: =?UTF-8?B?0L7Qu9GM0LPQsCDQutGA0YvQttCw0L3QvtCy0YHQutCw0Y8=?=
<olga.kryzhanovska@gmail.com>,
"<kerberos@mit.edu>" <kerberos@mit.edu>
In-Reply-To: <CA+OH3v1oJWG2f1AHhPsg4ag0yasa6Ym_2ArBs-QKWJUH=P3e-A@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
On 08/28/2014 06:05 AM, ольга крыжановская wrote:
> How do I enable collections?
Set KRB5CCNAME to use a collection-enabled cache type, typically DIR.
For example:
mkdir /tmp/mydir
KRB5CCNAME=DIR:/tmp/mydir
export KRB5CCNAME
kinit princ1
klist # shows princ1 tickets in DIR::/tmp/mydir/tktXXXXX
kinit princ2
klist # shows princ2 tickets in DIR::/tmp/mydir/tktYYYYY
klist -l # shows a list with both ccaches
klist -A # shows tickets in both ccaches
kswitch -p princ1
klist # shows princ1 tickets
If klist shows a FILE ccache, then collection behavior are not enabled,
and only the most recently-acquired tickets can be used.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
