Login or Register to Ask a Question and Join Our Community


Linux

cifs.upcall issue, requests new kerberos service ticket all the time

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux cifs.upcall issue, requests new kerberos service ticket all the time
# 1  
Old 04-10-2012
cifs.upcall issue, requests new kerberos service ticket all the time
This is more of an annoyance than an actual production issue. I've set it up so that each user's home directory is mounted to an immediate subdirectory of $HOME when they login, (and umounts when they log out to keep /proc/mounts a manageable size).

My issue comes in when my login scripts (autofs wasn't workable for what I needed) didn't check to see if their AD home directory was mounted or not, it mounted over top of the other directory (that part was expected given the bug) but it looks like it kept requesting new kerberos service tickets as well, never re-using the service tickets that were already present in the user's credential cache.

Obviously, this can't be how it's intended to function but I'm all new to kerberized VFS mounts/request-key.conf so I don't know where to begin looking. Are the service tickets likely not in their session key ring (as in: do I need to play around with keyutils some more?).

Any help or direction would be appreciated.
- Joel
Login or Register to Ask a Question

Previous Thread | Next Thread

6 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

awk script to find time difference between HTTP PUT and HTTP DELETE requests in access.log

Hi, I'm trying to write a script to determine the time gap between HTTP PUT and HTTP DELETE requests in the HTTP Servers access log. Normally client will do HTTP PUT to push content e.g. file_1.txt and 21 seconds later it will do HTTP DELETE, but sometimes the time varies causing some issues... (3 Replies)
Discussion started by: Juha
3 Replies

2. Solaris

Kerberos Ticket expiry warning message

Hi, was wondering if its possible to change the default warning message text that notifies users that their kerberos ticket is due to expire in xx minutes. I am using Kerberos 5 on Sol 10. Can't find anything in man pages, so hoping its maybe an undocumented feature. I'd like to make the... (1 Reply)
Discussion started by: melias
1 Replies

3. UNIX and Linux Applications

Slackware: mount cifs with kerberos

On Slackware14.0 Compiled cifs-utils with kerberos support on request-key.conf added create cifs.spnego * * /usr/sbin/cifs.upcall %k %d But when i try mount -o sec=krb5 -t cifs //SLACK64//Users /media/users mount error(38): Function not implemented Refer to the... (1 Reply)
Discussion started by: Linusolaradm1
1 Replies

4. Red Hat

Issue with mounts CIFS

I donot know much about CIFS but i have been asked to look into an issue related to mounting CIFS filesystem On my redhat 5.6 the /etc/fstab file has the following entry //172.25.x.x/de0/ /dir1/de0 cifs username=bodsadm,password=12345,dir_mode=0777,file_mode=0777,uid=de0adm,gid=sapsys,rw 0 0... (2 Replies)
Discussion started by: Tirmazi
2 Replies

5. BSD

Kerberos log file does not log when ticket is destroyed

Hi, in the log file there is line when the ticket is issued but when an user destroys the ticket there is no record. Does someone have an idea? (0 Replies)
Discussion started by: gaspar
0 Replies

6. HP-UX

LDAP/Kerberos Issue

I am getting the following error message when trying to login to the client: while verifying tgt If I move the /etc/krb5.keytab out of /etc, it works fine. This is HP-UX v23 Does anyone have any ideas? (1 Reply)
Discussion started by: dhernand
1 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

fgetty

FGETTY(8)						   System Administrator's Manual						 FGETTY(8)

NAME

       fgetty - a small getty for linux

SYNOPSIS

       fgetty tty [--noclear] [--long-hostname]

DESCRIPTION

       The command fgetty is normally invoked by init(8), opens a tty port, prompts for a login name and invokes the /bin/login command.

OPTIONS

       --noclear makes fgetty not clear the screen before displaying the login prompt.

       --long-hostname makes fgetty display the full hostname in the login prompt.

FILES

       /etc/issue	printed before the login prompt
       /etc/inittab	init(8) configuration file
       /var/run/utmp	the system status file

ISSUE ESCAPES

       The  issue-file	(/etc/issue  or  the file may contain certain escape codes to display the system name, date and time etc. All escape codes
       consist of a backslash () immediately followed by one of the letters explained below.

       d      the current date. (eg: 2002-01-19)

       s      the system name, the name of the operating system. (eg: Linux)

       l      the name of the current tty line. (eg: tty3)

       m      the architecture identifier of the machine (eg: i586)

       n      the nodename of the machine, also known as the hostname. (eg: sirius)

       o      the domainname of the machine. (eg: (none))

       r      the release number of the OS. (eg: 2.4.3-i)

       t      the current time. (eg: 14:51:51)

       u      the number of current users logged in. (eg: 4)

       U      the string "1 user" or "<n> users", where <n> is the number of current users logged in. (eg: 4 users)

       v      Insert the version of the OS. (eg: #2 Fre Jan 18 23:05:45 CET 2002)

ENVIRONMENT VARIABLES

       HOST    is set to your hostname
       TERM    is set to linux
       TTY     is set to the current tty line

RETURN VALUES

       1     could not chown/chmod tty device
       3     could not open tty device
       4     not a typewriter
       5     vhangup failed
       6     could not open tty (can't happen)
       7     dup failed
       8     could not exec login
       9     read returned an unexpected error
       10    unprintable character in login name
       11    login name too long (>40)

       13    user name started with a dash
       23    received SIGQUIT

AUTHOR

       Felix von Leitner <felix-fgetty@fefe.de>

       Homepage: http://www.fefe.de/fgetty/

fgetty								    2002-01-19								 FGETTY(8)