[3933] in Kerberos
Re: KRB5 problems
daemon@ATHENA.MIT.EDU (Joe Ramus)
Tue Sep 27 14:06:29 1994
Date: Tue, 27 Sep 94 10:52:08 PDT
From: ramus@nersc.gov (Joe Ramus)
To: jprondak@earth.ml.com, mellon@ipd.wellsfargo.com
Cc: kerberos@MIT.EDU
>> From mellon@ipd.wellsfargo.com Tue Sep 27 10:21:07 1994
>> Date: Tue, 27 Sep 1994 09:36:50 -0700
>> From: Ted Lemon <mellon@ipd.wellsfargo.com>
>>
>> Are you using tmpfs for your /tmp? It doesn't support file locking,
>> which means that the kerberos library loses horribly when it tries to
>> acquire a lock on the cache.
>>
>> I ran into that problem on one of the Suns here, so I hacked things so
>> that I can specify --with-ticket-dir=foo in configure. Patches will
>> follow in the not-too-distant future.
What are the symptoms of "kerberos library loses horribly" ??
I have SunOS 4.1.3 with /tmp configured like this in /etc/fstab:
swap /tmp tmp rw 0 0
I can do kinit to get the initial TGT and then do some
operations that need to add to the cache. It now contains 3 items.
Of course, I did not do this on a busy machine or in a case where
another process might also want to lock the same file at the same time.
BTW:
I hate the idea of storing the ticket cache in /tmp because it seems
too easy for someone else to be able to "steal" my file. It seems
better to at least create a directory with a name such as:
/tmp/krb5cc_my_uid
This directory would be owned by the user and would have owner access
only.
----------------------------------------------------------------
| Joe Ramus NERSC Livermore (510) 423-8917 ramus@nersc.gov |
----------------------------------------------------------------
