Opened 8 years ago
Closed 8 years ago
#6 closed defect (fixed)
Cannot override default credential cache location
Reported by: | Lewis Rosenthal | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | Heimdal - 1.5.3 |
Component: | general | Version: | Heimdal - 1.5.3 |
Keywords: | credential cache, ticket cache | Cc: |
Description
This is the real issue underlying #2, I think.
Documentation says that the default credential location, DEFCCNAME, hardcoded as FILE:/tmp/krb5cc_%{uid} on *nix systems (see http://web.mit.edu/kerberos/krb5-1.12/doc/mitK5defaults.html#paths) may be overridden either by setting default_ccache_name in krb5.conf or by setting the env var, KRB5CCNAME. However, it appears that neither of these actually override DEFCCNAME.
Workarounds include ensuring that the klibc path rewriter is installed or even manually creating \tmp on the same volume on which the session is currently logged.
Change History (9)
comment:1 Changed 8 years ago by
Component: | distribution → general |
---|
comment:2 Changed 8 years ago by
comment:3 Changed 8 years ago by
Those docs are for MIT kerberos, not heimdal.... not sure that heimdal supports this statement
comment:4 Changed 8 years ago by
ok, so default_cc_name is the correct value for heimdal. It fails as it's splitting the path based on a colon. so with home=c:/home/default it tries to load krb5.conf first from c then from /home/default
comment:5 Changed 8 years ago by
Oops, yes, I should have translated that to Heimdal; sorry. Pesky colon thing, again, I see.
comment:6 Changed 8 years ago by
Test fix sent to @lewisr - once confirmed OK I'll checkin the fix to svn
comment:7 Changed 8 years ago by
Fix works for me, though I think we should look in %ETC% for krb5.conf and not in %HOME%.
We rightly expand %{uid} and %{TEMP} (though not %TEMP%, understandably) in the conf.
comment:9 Changed 8 years ago by
Resolution: | → fixed |
---|---|
Status: | new → closed |
This one works just as expected, Paul. Thanks.
It seems that with:
7-04-15 6:02 160,318 124 klist.exe
Environment variables work for, say:
[c:\]set KRB5CCNAME=FILE:%TEMP%/krb5cc_0
but setting default_ccache_name in the [libdefaults] section of krb5.conf as:
default_ccache_name = FILE:%{TEMP}/krb5cc_%{uid}
does not. I can't tell whether the parameter expansion is completely skipped, but we fall back on the compiled default of /tmp/krb5cc_0.
So, this one is half fixed, I think. ;-)