How can I set the default_ccache_name Kerberos attribute on the client without using KRB5CCNAME?
According to the MIT Kerberos documentation, the default credential cache name is defined as follows:
Default ccache filename
The default credential cache name is defined as follows, in descending order of priority:
1. The KRB5CCNAME environment variable. For example, KRB5CCNAME=DIR:/mydir/. 2. The default_ccache_name profile variable in [libdefaults]. 3. The hardcoded default, DEFCCNAME.
http://web.mit.edu/kerberos/krb5-devel/doc/basic/ccache_def.html
I'm wondering if there is a way to define the default_ccache_name (# 2) profile variable on the client side? I tried to define it as specified in / etc / krb 5.conf on one of my client machines:
[libdefaults]
...
default_ccache_name = FILE:/var/krb5/security/creds/krb5cc_%{uid}
...
But the client binaries (klist / kinit / kdestroy, etc.) seem to completely ignore this:
[~]$ klist
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_34125)
I am running version 1.9.4:
[~]$ klist -V
Kerberos 5 version 1.9.4
source to share
Drat, I think I found my own answer - version 1.9.4 does not have this setting:
http://web.mit.edu/kerberos/www/krb5-1.9/krb5-1.9.4/doc/krb5-admin.html
This will help you find the correct documentation ...
source to share