[OpenAFS-devel] 1.4.5 pre5 klog v5
Russ Allbery
rra@stanford.edu
Thu, 08 Nov 2007 15:33:46 -0800
Simon Wilkinson <sxw@inf.ed.ac.uk> writes:
> For administrative use, we have a shell alias, 'asu' which looks
> something like:
> alias asu='pagsh -c "export KRB5CCNAME=$KRB5CCNAME.asu \\
> && kinit $USER/admin \\
> && aklog \\
> && PS1=[\\\\h]\\\\u/admin: PS2=[\\\\h]\\\\u/admin.. /bin/
> bash --norc \\
> && kdestroy"'
> Which we use to get admin credentials when we need them.
Note that depending on how much you trust the local system's ticket cache
handling and your willingness to leave those caches around, you can
replace kinit with k5start -H, remove kdestroy, and get the nice behavior
that you'll be prompted for a password if the cache is about to expire but
will reuse the existing ticket cache otherwise. I use this on, for
instance, my personal workstation, where I tend to jump in and out of
/root credentials a lot and hate having to constantly re-enter my
password.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>