[OpenAFS] Automatic token renewal
Fri, 20 Nov 2009 00:15:34 -0800
Fr=C3=A9d=C3=A9ric Grelot <firstname.lastname@example.org> writes:
> how to enable automatic tickets and token renewal, without requiring the
> user to enter "krenew -t" in a console? Is there no easier way of doing
> that than to have a script running at session opening that automatically
> calls krenew-t every, say 1 hour?
You will, regardless, have to have *something* running to refresh tickets
and tokens, since it won't happen by itself. :) You can kick off krenew
-bit -K 60 from a user's shell initialization files or take some similar
approach to start it automatically on login.
> By the way, since I added the openafs module in common-session and
> common-auth, if after some time of inactivty ubuntu suspends my session
> and asks me for a password to unlock it, will it send a new query to the
> servers (equivalent of a "kinit&&aklog") ?
Yes, if the PAM modules are correctly configured.
Russ Allbery (email@example.com) <http://www.eyrie.org/~eagle/>