From 4b6a0d0b3d42e5fdb457f47d9adfa5e66b160256 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 30 Aug 2011 10:51:19 -0400 Subject: Add option to specify the kerberos replay cache dir Adds a configure option to set the distribution default as well as an sssd.conf option to override it. https://fedorahosted.org/sssd/ticket/980 --- src/monitor/monitor.c | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) (limited to 'src/monitor/monitor.c') diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c index dd0998418..0e16b78f7 100644 --- a/src/monitor/monitor.c +++ b/src/monitor/monitor.c @@ -55,6 +55,11 @@ * monitor will get crazy hammering children with messages */ #define MONITOR_DEF_PING_TIME 10 +/* Special value to leave the Kerberos Replay Cache set to use + * the libkrb5 defaults + */ +#define KRB5_RCACHE_DIR_DISABLE "__LIBKRB5_DEFAULTS__" + int cmdline_debug_level; int cmdline_debug_timestamps; @@ -1926,8 +1931,34 @@ int monitor_process_init(struct mt_ctx *ctx, struct sysdb_ctx_list *db_list; struct tevent_signal *tes; struct sss_domain_info *dom; + char *rcachedir; int num_providers; int ret; + int error; + + /* Set up the environment variable for the Kerberos Replay Cache */ + ret = confdb_get_string(ctx->cdb, ctx, + CONFDB_MONITOR_CONF_ENTRY, + CONFDB_MONITOR_KRB5_RCACHEDIR, + KRB5_RCACHE_DIR, + &rcachedir); + if (ret != EOK) { + return ret; + } + + if (strcmp(rcachedir, KRB5_RCACHE_DIR_DISABLE) != 0) + { + errno = 0; + ret = setenv("KRB5RCACHEDIR", rcachedir, 1); + if (ret < 0) { + error = errno; + DEBUG(1, + ("Unable to set KRB5RCACHEDIR: %s." + "Will attempt to use libkrb5 defaults\n", + strerror(error))); + } + talloc_zfree(rcachedir); + } /* Set up an event handler for a SIGHUP */ tes = tevent_add_signal(ctx->ev, ctx, SIGHUP, 0, -- cgit