Displaying 1 result from an estimated 1 matches for "krb5cc_14001_i1h5wf".
2017 Apr 11
0
Good practices to make a Kerberos "mount.cifs" launched by root but with the credentials of another user
...I can open a graphical session with the AD account bob (uid
== 14001). In this case, I have the environment variable
KRB5CCNAME which is well set in the graphical session of bob:
# In a gnome-terminal of the bob graphical session, I have:
bob at stretch:~$ env | grep KR
KRB5CCNAME=FILE:/tmp/krb5cc_14001_I1H5wf
bob at stretch:~$ ls -l /tmp/krb5cc_14001_I1H5wf
-rw------- 1 bob domusers 3534 Apr 11 15:43 /tmp/krb5cc_14001_I1H5wf
The display manager Lightdm uses PAM and especially pam_krb5
and it's this lib which has created the credentials cache file
/tmp/krb5cc_14001_I1H5wf where 14001 is the uid...