From 945e1f1fab935616bde0d1d64d9e16225b44c183 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Thu, 10 Sep 2009 14:43:33 +0200 Subject: add krb5ccache_dir and krb5ccname_template option The configuration options krb5ccache_dir and krb5ccname_template are added to the Kerberos provider to create the user's credential caches the same way as pam_krb5 does. Due to the design of the sssd and the supported ccache types of MIT Kerberos only files are allowed. --- server/man/sssd-krb5.5.xml | 71 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) (limited to 'server/man') diff --git a/server/man/sssd-krb5.5.xml b/server/man/sssd-krb5.5.xml index 188cc9133..4b26c0294 100644 --- a/server/man/sssd-krb5.5.xml +++ b/server/man/sssd-krb5.5.xml @@ -91,6 +91,77 @@ + + + krb5ccache_dir (string) + + + Directory to store credential caches. + + + Default: /tmp + + + + + + krb5ccname_template (string) + + + Location of the user's credential cache. Currently + only file based credential caches are supported. In + the template the following sequences are + substituted: + + + %u + login name + + + %U + login UID + + + %p + principle name + + + + %r + realm name + + + %h + home directory + + + + %d + value of krb5ccache_dir + + + + + %P + the process ID of the sssd + client + + + + %% + a literal '%' + + + + If the template ends with 'XXXXXX' mkstemp(3) is + used to create a unique filename in a safe way. + + + Default: FILE:%d/krb5cc_%U_XXXXXX + + + + -- cgit