warn.conf - Kerberos warning configuration file
/etc/krb5/warn.conf
The warn.conf file contains configuration information specifying how users will be warned by the ktkt_warnd daemon about ticket expiration. In addition, this file can be used to auto-renew the user's Ticket-Granting Ticket (TGT) instead of warning the user. Credential expiration warnings and auto-renew results are sent, by means of syslog, to auth.notice.
Each Kerberos client host must have a warn.conf file in order for users on that host to get Kerberos warnings from the client. Entries in the warn.conf file must have the following format:
principal [renew[:opt1,...optN]] syslog|terminal time
or:
principal [renew[:opt1,...optN]] mail time [email address]
principal
renew
The renew options include:
log-success
log-failure
log
Note -
syslog
terminal
time
email_address
Example 1 Specifying Warnings
The following warn.conf entry
* syslog 5m
specifies that warnings will be sent to the syslog five minutes before the expiration of the TGT for all principals. The form of the message is:
[email protected]: your kerberos credentials expire in 5 minutes
Example 2 Specifying Renewal
The following warn.conf entry:
* renew:log terminal 30m
...specifies that renew results will be sent to the user's terminal 30 minutes before the expiration of the TGT for all principals. The form of the message (on renew success) is:
[email protected]: your kerberos credentials have been renewed
/usr/lib/krb5/ktkt_warnd
See attributes(5) for descriptions of the following attributes:
|
kinit(1), kdestroy(1), ktkt_warnd(1M), syslog.conf(4), utmpx(4), attributes(5), kerberos(5), pam_krb5(5)
The auto-renew of the TGT is attempted only if the user is logged-in, as determined by examining utmpx(4).
Закладки на сайте Проследить за страницей |
Created 1996-2024 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |