Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 116689

Summary: Heimdal default ticket lifetime set to 10 minutes
Product: Gentoo Linux Reporter: Henrik Sankala <hensan>
Component: [OLD] ServerAssignee: Gentoo Kerberos Maintainers <kerberos>
Status: RESOLVED INVALID    
Severity: trivial CC: mmokrejs
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
Whiteboard:
Package list:
Runtime testing required: ---

Description Henrik Sankala 2005-12-25 06:15:25 UTC 
In the krb5.conf that gentoo ships with heimdal, ticket_lifetime is set to 600. I think whoever set this value though that this meant 600 minutes (or 10 hours, the standard lifetime for kerberos tickets), but in fact it means 600 seconds, which is a tad short :)
Comment 1 Martin Mokrejš 2007-10-05 16:24:25 UTC 
No, it is expected people run some daemon which can renew their tickets and tokens, for example when using long-time batch jobs accessing data residing on AFS partition. This protects people from having left their 10hrs valid ticket files in /tmp.

You may change the default value by tweaking the default@REALM principal from kadmin(1). Or run "kinit --renew". Should be resolved as INVALID I believe.
Comment 2 Seemant Kulleen (RETIRED) gentoo-dev 2007-10-05 16:49:14 UTC 
Wow Martin, you and I agree for a change :P

Henrik,

I'd rather leave this as an exercise for the sysadmin.