[Freeipa-users] Cockpit integration part I - Single Sign On
Alexander Bokovoy
abokovoy at redhat.com
Mon Jan 4 08:52:26 UTC 2016
On Mon, 04 Jan 2016, Marius Vollmer wrote:
>Alexander Bokovoy <abokovoy at redhat.com> writes:
>
>> Thanks. I think we actually could do better by using gss-proxy -- if
>> only cockpit-ws would cooperate[1]. I'll file a bug
>
>Thanks!
>
>> -- when cockpit-ws launches cockpit-session it doesn't pass anything
>> from the environment cockpit-ws was launched with.
>
>It uses NULL as the envp argument, which means that cockpit-session
>inherits the environment from cockpit-ws, no?
You're right.
>cockpit-session itself calls clearenv() very early, and that is probably
>the reason why GSS_USE_PROXY doesn't work.
>
>https://github.com/cockpit-project/cockpit/blob/master/src/ws/session.c#L955
In that case adding GSS_USE_PROXY to env_names and moving restore of the
environment before the PAM processing would probably be a solution?
--
/ Alexander Bokovoy
More information about the Freeipa-users
mailing list