SSSD and Kerberos tickets

[Christoph Höger]

> If you had access to the school's LDAP setup (and I suspect they'd tell
> you if you asked) SSSD does what you're looking for internally.

Neither do I have access to that LDAP (though it might be technically
possible to connect to it, this is just not a supported use case) nor do
I want to rely on the it infrastructure of my university for my
workstation.

> But if I'm understanding you right, you want to just use a local login
> and do a kinit (I don't know what 'kstart' means) when you log in.

This is exactly what I want. It seems like pam usually can do this:

http://techpubs.spinlocksolutions.com/dklar/kerberos.html#id2503053

But since fedora ships with a custom /etc/pam.d layout due to sssd
(which, as we discussed, cannot handle that use case), I'd like to know,
if I still (meaning with sssd in place) can apply the above mentioned
method.

Btw: kstart is a kinit replacement that allows running arbitrary
commands after getting tickets.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20100817/3057c8dd/attachment.bin