Opened 4 years ago

Closed 3 years ago

#2 closed defect (fixed)

klist refers to /tmp for location of credentials cache, when cache is really in %TMP% (or %TEMP%)

Reported by: Lewisr Owned by: psmedley
Priority: minor Milestone: Heimdal - 1.5.2
Component: tickets Version: Heimdal - 1.5.2
Keywords: klist, cache, message Cc:

Description (last modified by lewisr)

Credentials cache is being created in %TMP% or %TEMP% (c:\var\temp). klist refers to:

Credentials cache: FILE:/tmp/<filename>

This may explain why kdestroy is not destroying tickets (perhaps looking in /tmp instead of %TEMP%).

Change History (7)

comment:1 Changed 4 years ago by Lewisr

Possibly related to Issue #3.

comment:2 Changed 4 years ago by Lewisr

  • Component changed from general to tickets

comment:3 Changed 4 years ago by lewisr

  • Description modified (diff)
  • Keywords klist cache message added
  • Milestone set to Heimdal - 1.5.2
  • Version set to Heimdal - 1.5.2

comment:4 Changed 4 years ago by lewisr

  • Owner set to psmedley
  • Status changed from new to assigned

comment:5 Changed 4 years ago by psmedley

Is this on an eCS system? eCS should have the klibc path rewriter support, which should rewrite /tmp to %TEMP% automatically

comment:6 Changed 4 years ago by lewisr

eCS 2.1. Path rewriter is indeed set to point /tmp to %TMP%, and %TMP% (as well as %TEMP%) points to c:\var\temp.

I think the string in the message should refer to %TMP% and expand as necessary, though. What about when the credential cache is set to go somewhere else? Testing...

Confirmed:

set KRB5CCNAME=FILE:c:/var/temp/krb5cc_0

now shows:

{0}[c:\] klist list
Credentials cache: FILE:c:/var/temp/krb5cc_0
        Principal: lewis@SAMBA.ARCANOAE

  Issued                Expires        Principal
Jul  1 15:01:40 2015  >>>Expired<<<  cifs/kerberos-2012r2@SAMBA.ARCANOAE

I suggest that the default ccache be changed to FILE:%TMP%/krb5cc_0 just for clarity, but this is apparently only a cosmetic issue. That said, non-eCS systems will have to have this variable set or have the path re-writer installed as a prerequisite.

comment:7 Changed 3 years ago by lewisr

  • Resolution set to fixed
  • Status changed from assigned to closed

FWIW:

7-04-15 6:02 160,318 124 klist.exe

properly expands system variables on the command line, e.g.:

[c:\]set KRB5CCNAME=FILE:%TEMP%/krb5cc_0

[c:\]klist list
Credentials cache: FILE:C:\var\temp/krb5cc_0
        Principal: lewis@SAMBA.ARCANOAE

  Issued                Expires               Principal
Jun 25 16:53:51 2016  Jun 26 02:53:49 2016  krbtgt/SAMBA.ARCANOAE@SAMBA.ARCANOAE

[c:\]klist list
klist.exe: No ticket file: C:\var\temp/krb5cc_0

Time to close this one.

Note: See TracTickets for help on using tickets.