Project

General

Profile

Bug #5530

Kerberos Cache file is shared between accounts

Added by Eric Flumerfelt almost 6 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Start date:
02/26/2014
Due date:
% Done:

0%

Estimated time:
Duration:

Description

When starting VNC servers, each VNC server (for the various novacr accounts) must be started in a separate ssh session (don't use root and su to change to each user and start the vncserver).

Noticed on NDOS 2/26/14, kinit for novacr01, then kinit on novacr02 would produce "Credentials Cache Error", klist on novacr02 would show "Credential Cache permissions incorrect". Both accounts were trying to use the same credential cache in /tmp. Killed vncserver for novacr02 and restarted from ssh session on nova-daq-06, now they use different caches. There appears to be some issue with VNC where it does not properly report the UID to kinit when you're initializing from within the VNC session.



Also available in: Atom PDF