[OpenAFS] Destroying token

Russ Allbery rra@stanford.edu
Wed, 15 May 2002 01:03:48 -0700

Turbo Fredriksson <turbo@bayour.com> writes:

> I'm trying to get apache to work (see other thread), but to really debug
> this, I need to absolutely sure that the token is 'new'... How do I
> destroy a token? It does not get destroyed when I do 'kdestroy'...

unlog.  And you use tokens to see your current tokens.

It's best to think of the token as something *completely* separate from
the ticket.  It's not stored in your ticket cache, it doesn't act like a
Kerberos ticket, and it's behavior across processes and UIDs is very
different.  It's obtained originally from a Kerberos ticket (or from
running klog directly), but from that point on, it's an independent entity
that your Kerberos tools won't know about and can't manipulate.

Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>