On Thu, 2014-10-09 at 23:10 +0200, Natxo Asenjo wrote: > hi, > > When implementing rsyslog with gssapi > (http://www.rsyslog.com/doc/gssapi.html) I came accross the issue > that the rsyslog software expects the credentials cache of the host > principal in /tmp/krb5cc_0; the centos 6.5 hosts joined to a freeipa > kerberos domain save that to /var/tmp/host_0 . > > I tried setting this: > > KRB5CCNAME='/var/tmp/host_0' > > or variations on that (double inverted comma's, no comma's) in > /etc/sysconfig/rsyslog which is the place where one expect to declare > such a variable in redhat/centos systems because that file is sourced > by the init scrip of rsyslog. But unfortunately rsyslog kept > requesting the /tmp/krb5cc_0 file. Copying /var/tmp/host_0 over > /tmp/krb5cc_0 solves this problem and then one can relay syslog > messages using kerberos authentication, but it is not really elegant.
Do you need to also do a: export KRB5CCNAME ?? Or even just on the same line: export KRB5CCNAME='/var/tmp/host_0' Cheers, Kenny. -- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
