[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: missing functionality in pam_krb5 ?

2002-07-30, k keltezéssel Wolfgang Friebel ezt írta:

> In my opinion when authenticating against apps like xlock one should
> 1) obtain a new or refreshed K5 TGT (optionally a K4 one as well)
> 2) obtain a new AFS token.
> As no new session is started, I would expect to have updated the original
> ticket caches and calling setpag has to be avoided.

All requested feature is now implemented in

You can use the "creds and refresh_creds" pam command line option with
xlock. See more in the README. Please note, that the refresh_creds will
never obtain a "new" ticket, only refresh the existent one.
I can write it if requested, but in many case it can be embarrassing.

Any comment are welcome.
I know my english is bad, so any spellcheck are welcome too!!!