تلاش سپورٹ

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

مزید سیکھیں

Kerberos keytab location

  • 2 جواب دیں
  • 0 میں یہ مسئلہ ہے
  • 8 دیکھیں
  • آخری جواب بذریعہ gerdesj

more options

How does Firefox determine where the Kerberos keytab is located?

The default location for Kerberos keytabs on a Linux box is within /tmp. /tmp is very temporary these days and is wiped on reboot and it looks like on the various power save/restore.

So, I decided to move the keytabs to a static location to allow them to work according to the usual schedules and timeouts, instead of being wiped out on a whim. I settled on /var/lib/krb5tabs/krb5cc_%u I configured that within /etc/krb5.conf

I use pam_winbind from Samba to do the Kerberos login and the keytab is filled in and the environment var KRB5CCNAME is set correctly.

Before the change of the location of the keytab from the defaults, everything works fine apart from after a resume and creds need re entering (which is the pain I am trying to avoid).

After the change, Evolution is still able to authenticate via Kerberos but Firefox is not. So, does FF just assume defaults or actually follow KRB5CCNAME - which seems to be the standard for Kerberos?

How does Firefox determine where the Kerberos keytab is located? The default location for Kerberos keytabs on a Linux box is within /tmp. /tmp is '''''very''''' temporary these days and is wiped on reboot and it looks like on the various power save/restore. So, I decided to move the keytabs to a static location to allow them to work according to the usual schedules and timeouts, instead of being wiped out on a whim. I settled on '''''/var/lib/krb5tabs/krb5cc_%u''''' I configured that within '''''/etc/krb5.conf''''' I use pam_winbind from Samba to do the Kerberos login and the keytab is filled in and the environment var KRB5CCNAME is set correctly. Before the change of the location of the keytab from the defaults, everything works fine apart from after a resume and creds need re entering (which is the pain I am trying to avoid). After the change, Evolution is still able to authenticate via Kerberos but Firefox is not. So, does FF just assume defaults or actually follow KRB5CCNAME - which seems to be the standard for Kerberos?

تمام جوابات (2)

more options

How is the related to Firefox browser? I think this is more related to the OS that controls the keyboard layout otherwise this is the standard Firefox hotkeys setup. This seems more like a keyboard layout feature.

https://support.mozilla.org/en-US/kb/keyboard-shortcuts-perform-firefox-tasks-quickly

Anything different would be up to the 3rd party software to define and support keyboard changes or configurations.

مددگار؟

more options

Thank you for your response. Keyboard layouts are unrelated to Kerberos.

مددگار؟

ایک سوال پوچھیں

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.