[Bug 213909] pam_krb5 ignores ticket lifetime configuration in /etc/krb5.conf
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Oct 30 07:48:28 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213909
Bug ID: 213909
Summary: pam_krb5 ignores ticket lifetime configuration in
/etc/krb5.conf
Product: Base System
Version: 11.0-RELEASE
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: bin
Assignee: freebsd-bugs at FreeBSD.org
Reporter: basarevych at gmail.com
I am using NIS and Kerberos from the base system of FreeBSD 11. Whenever I
login to workstation (text console) I get keys like this:
> klist
Credentials cache: FILE:/tmp/krb5cc_1001
Principal: ross at LAN
Issued Expires Principal
Oct 30 09:29:12 2016 Oct 30 19:29:12 2016 host/desktop.lan at LAN
Oct 30 09:29:12 2016 Oct 30 19:29:12 2016 krbtgt/LAN at LAN
They are valid for exactly 10 hours. However in /etc/krb5.conf I have this:
[appdefaults]
pam = {
ticket_lifetime = 1d
default_lifetime = 1d
renew_lifetime = 1d
}
[libdefaults]
default_realm = LAN
ticket_lifetime = 1d
default_lifetime = 1d
renew_lifetime = 1d
[domain_realm]
.lan = LAN
[realms]
LAN = {
kdc = coffin.lan
admin_server = coffin.lan
kpasswd_server = coffin.lan
default_domain = lan
}
If I run "kinit ross" manually then I get the tickets for one day as expected.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list