[OpenAFS] Cron Jobs for "Regular" Users

[Holger Rauch]

--UlVJffcvxoiEqYs2
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline

Hi,

I came accross these two links

http://www.mail-archive.com/openafs-info@openafs.org/msg11446.html
http://www.faqs.org/faqs/kerberos-faq/general/section-61.html

According to that mail, I would need to setup both an additional
Kerberos principal and PTS entry for each "regular" user that wants to
run a cron job.

So, let's say I already have a user named svnbak (both as Kerberos
principal and in PTS) that I want to be able to run some cron job
doing scp from our SVN server at night (when the SVN repository is
not in use). If I understand the mail referenced by the link given
above correctly, I would still need to create "special cron entries"
(both as Kerberos principal and in PTS) in order to be able to pass a
keytab file to kinit, which is necessary for automated/unattended
access, right? (The already existing Kerberos principal named svnbak
couldn't be used here since ktadd'ing it to a keytab file would
overwrite the password needed for interactive use (e.g. SSH logins).

Or is it possible to use the same Kerberos principal for both
interactive and automated/unattended logins? (This would save me quite
a lot of work since I have several backup users; all having "bak" in
their Kerberos principals' names).

Russ, could you please repost the link that the original mail referred
to (in that mail it was mentioned that you had some scripts making all
that stuff a little easier)?

Thanks a lot for clarifying this & kind regards,

       Holger

--UlVJffcvxoiEqYs2
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAks7JeIACgkQbiVtWpZdKQLgPgCfWAO4v8iRtOWHdiw00PVgdvFq
HyoAn1yz9OvihMmRBVG6u8KpQMzHC6rL
=PNou
-----END PGP SIGNATURE-----

--UlVJffcvxoiEqYs2--