[SSSD-users] Re: SSSD does not destroy kerberos cache on user logout
Can you sanitize and share sssd.conf?
Striker
On 04/15/2016 07:06 AM, Ondrej Valousek wrote:
> Does not work:
>
> [root@win-4bkps6vk3dp sssd]# loginctl list-sessions
> SESSION UID USER SEAT
> 1 0 root seat0
>
> 1 sessions listed.
> [root@win-4bkps6vk3dp sssd]# su - ondrej
> Poslední přihlášení: Pá 15.04.2016 11:34:29 CEST na pts/3
> [ondrej@lektor ~]$ klist
> Ticket cache: KEYRING:persistent:20000:krb_ccache_p4yHkVA
> Default principal: ondrej(a)CONTOSO.COM
>
> Valid starting Expires Service principal
> 15.4.2016 11:33:53 15.4.2016 21:33:53 krbtgt/CONTOSO.COM(a)CONTOSO.COM
> renew until 22.4.2016 11:33:53
> [ondrej@lektor ~]$
>
> ________________________________________
> From: Lukas Slebodnik [lslebodn(a)redhat.com]
> Sent: Friday, April 15, 2016 11:59 AM
> To: End-user discussions about the System Security Services Daemon
> Subject: [SSSD-users] Re: SSSD does not destroy kerberos cache on user logout
>
> On (15/04/16 10:52), Ondrej Valousek wrote:
>> Hi list,
>> I just discovered that SSSD does not destroy user Kerberos cache credentials upon
logout on Centos-7 (sssd vers 1.13).
>> Is that known issue?
>>
> IIRC ticket should be destroyed together with session.
> and session needn't be destroyed after logout.
> Try to check as another user/root with following command.
> loginctl list-sessions
>
> LS