oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

clarify credentials refreshing stuff

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14396 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2004-12-13 17:19:42 +00:00
parent f50a7f177e
commit 3a985922b7
1 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
doc/setup.texi
View File

@@ -884,14 +884,18 @@ service@@host$ kinit --cache=/var/run/service_krb5_cache \
service-principal@@EXAMPLE.ORG service-principal@@EXAMPLE.ORG
@end example @end example
Long running services might need credentials longer then the expiration Long running services might need credentials longer then the
time of the tickets. kinit can run in a mode that refreshes the expiration time of the tickets. kinit can run in a mode that refreshes
tickets before the expire. This is useful for services that write into the tickets before they expire. This is useful for services that write
AFS and other distributed file systems using Kerberos. into AFS and other distributed file systems using Kerberos. To run the
long running script, just append the program and arguments (if any)
after the principal. kinit will stop refreshing credentials and remove
the credentials when the script-to-start-service exits.
@example @example
service@@host$ kinit --cache=/var/run/service_krb5_cache \ service@@host$ kinit --cache=/var/run/service_krb5_cache \
--keytab=/etc/krb5-service.keytab \ --keytab=/etc/krb5-service.keytab \
service-principal@@EXAMPLE.ORG script-to-start-service service-principal@@EXAMPLE.ORG \
script-to-start-service argument1 argument2
@end example @end example