[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Debian /bin/login and heimdal kerberos



On Mon, Jul 12, 1999 at 08:43:34AM +0200, Johan Danielsson wrote:
> > - The Debian login program didn't support the parameter format used
> > for heimdal telnet, eg it expected "login -f usercode" but was given
> > "login -f -- usercode" instead.
> 
> Then it doesn't use getopt(3), or Debian getopt is broken.

getopt is OK, it is the different standards for passing
parameters to login that is the problem.

> > currently I just use 'unlink'. I have renamed to KRB5 ticket file to
> > the nonstandard /tmp/krb5cc_<uid>_<pid> for this to work (otherwise,
> > when you logged out from one session, it would kill the ticket used
> > by other login sessions).
> 
> This is (one of the reasons) why we don't do this.

I don't understand. What reason is it that you don't do it? What don't
you do?

My solution for deleting the ticket file after you log out works fine...
I believe it is the same thing used by MIT Kerberos, and Kerberos4kth
(although I can't double check right now).

It seems just plain stupid to leave a Kerberos ticket around on a system
after you have finished with it, and this is the only reliable way I
know of removing it.

Maybe you misread what I typed in and thought I still had major
outstanding problems (ie that cannot easily be fixed)?

-- 
Brian May <bam@snoopy.apana.org.au>

PGP signature