[OpenAFS] Tokens and screen under linux
Robbert Eggermont
R.Eggermont@tudelft.nl
Mon, 06 Jul 2009 17:23:55 +0200
Lars Schimmer wrote:
> One of our users try to run a job longer than usual tokens runtime.
> Keeping a ssh open for that long time is not wanted.
> We use a Win 2003 AD server as a krb5 KDC and krenew just hits
> "krenew: error renewing credentials: KDC can't fulfill requested option".
Do you use winbind?
Do you have a valid /etc/krb5.conf with kdc entries and renew_lifetime
specified?
> And if I login as user, hit a screen command, the screen process has
> ticket/tokens like login user. I can detach and reattach screen like
> usual. But if I detach screen and logoff, ticket/tokens for the running
> screen are lost.
krenew uses it's own (unique) ticket cache so it should be safe from
logoffs.
Cheers,
Robbert
--
Robbert Eggermont Information & Communication Theory
R.Eggermont@TUDelft.nl Electr.Eng., Mathematics & Comp.Science
+31 (15) 2783234 Delft University of Technology