On Wed, 2017-03-29 at 16:10 +0200, Sumit Bose wrote:
On Wed, Mar 29, 2017 at 01:48:07PM +0000, Joakim Tjernlund wrote:
> I have tried to set KRB5CCNAME to something predicable, both in
> sssd.conf(krb5_ccname_template = FILE:/tmp/krb5cc_:%U)
> and
> krb5.conf(default_ccache_name = FILE:/tmp/krb5cc_%{uid})
>
> but what ever I do KRB5CCNAME reads:
> KRB5CCNAME=FILE:/tmp/krb5cc_<UID>_ryxWRPDHZD
>
> Is the name hardcoded nowadays(in sssd 1.15.2)?
no, using krb5_ccname_template should just work.
Please note that SSSD tries to reuse an existing and active ccache. This
means that as long as a process of the user is running SSSD will use
the existing ccache and will also set KRB5CCNAME to the existing one for
new logins.
Right, but stopping sssd, rm /var/lib/sss/db/* and rebooting does not help.
Do I need to use any of sssd'd plugins in krb.conf? Currently I don't use any
plugin
Jocke