.TH credmonger 8 2009-04-02 "" "" .SH NAME credmonger \- maintain Kerberos credential caches for other processes .SH SYNOPSIS credmonger [-c \fIconfigdir\fP] [-n] [-p \fIpidfile\fP] .SH DESCRIPTION The \fIcredmonger\fP daemon creates and refreshes Kerberos credential cache files on behalf of other processes and users, which are typically daemons which need to authenticate to other services using Kerberos. .SH ARGUMENTS .IP -c configdir Changes the directory in which \fIcredmonger\fP searches for its configuration from the default (\fI@myconfigdir@\fP) to the specified value. .IP -n Tells \fIcredmonger\fP to not fork and become a background process. When running in the foreground, \fIcredmonger\fP will print diagnostic information to \fIstderr\fP. .IP -p pidfile When running as a background process, \fIcredmonger\fP will log its process ID to the named file. .SH CONFIGURATION The \fIcredmonger\fP daemon searches its configuration directory for files. Each file is expected to contain one or more lines, each containing a colon-delimited entry with relevant settings. The first field contains the name or UID of the user for whom the credential cache should be maintained. The second field contains the path of the keytab which contains the keys which can be used to obtain credentials. The third field contains the user's principal name. The principal name need not contain a realm component if it is the default realm. If the principal name ends with a "/" character, the local host name will be appended. The fourth field contains the path to the file credential cache in which the credentials will be stored. If the name ends with XXXXXX, then a unique file name will be generated using mkstemp(\fB3\fP). The file is removed when the daemon exits. The work of \fIcredmonger\fP can be accomplished with a combination of cron(\fB8\fP) and kinit(\fB1\fP)'s \fI-k\fP option. .SH EXAMPLE Make sure that the root user has credentials for the local system's \fIhost\fP service in \fI/tmp/krb5cc_0\fP. root:/etc/krb5.keytab:host/:/tmp/krb5cc_0 .SH SEE ALSO kinit(\fB1\fP) .SH BUGS How did you get this program?