Sssd-kcm does not appear to expire Kerberos tickets.
Issue
- 'sssd-kcm` does not expire the kerberos ticket.
- It looks like it uses the default cache:
(2022-12-07 10:52:32): [kcm] [sss_sec_list] (0x2000): [CID#75] Searching at [cn=ccache,cn=5850,cn=persistent,cn=kcm] with scope=subtree
(2022-12-07 10:52:32): [kcm] [local_dn_to_path] (0x2000): [CID#75] Secrets path for [cn=6df4ca73-e79b-4a80-8477-ef49961328ec-5850:91448,cn=ccache,cn=5850,cn=persistent,cn=kcm] is [6df4ca73-e79b-4a80-8477-ef49961328ec-5850:91448]
(2022-12-07 10:52:32): [kcm] [local_dn_to_path] (0x2000): [CID#75] Secrets path for [cn=34c5d96e-c8c6-43e1-a9bd-fe4ac5216c46-5850:55746,cn=ccache,cn=5850,cn=persistent,cn=kcm] is [34c5d96e-c8c6-43e1-a9bd-fe4ac5216c46-5850:55746]
(2022-12-07 10:52:32): [kcm] [sss_sec_list] (0x1000): [CID#75] Returning 2 secrets
(2022-12-07 10:52:32): [kcm] [key_by_uuid] (0x2000): [CID#75] Found key 6df4ca73-e79b-4a80-8477-ef49961328ec-5850:91448
(2022-12-07 10:52:32): [kcm] [ccdb_secdb_name_by_uuid_send] (0x2000): [CID#75] Got ccache by UUID
(2022-12-07 10:52:32): [kcm] [kcm_op_get_default_ccache_reply_step] (0x2000): [CID#75] The default ccache is 5850:91448
Environment
- Red Hat Enterprise Linux 8.3
- Red Hat Enterprise Linux 9.2
- sssd
- Kerberos
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
