[Freeipa-users] Where in the login process is KRB5CCNAME being set
Kees Bakker
keesb at ghs.com
Wed Feb 8 08:59:52 UTC 2017
Hi,
This is a follow-up on the problem I had with
klist: Invalid UID in persistent keyring name while getting default ccache
(See "How to enable krb5_child log" earlier this month.)
The situation is that we have local users with the same name that exist in IPA,
but the UIDs are different. We have this on several systems, and it is because
we are in the process of setting up a FreeIPA server.
Now (so far), on one system the environment variable KRB5CCNAME is set during
login. (Login via display manager or console, does not matter. If logged via SSH
then the variable is not set.)
My question: where / how is that variable being set? I'd like to understand why
this one system is different from the rest.
Other details: Ubuntu 16.04 (server and clients).
BTW. The klist / kinit problem can easily be solved by unsetting that environment
variable.
--
Kees
More information about the Freeipa-users
mailing list