ksession(TC)
ksession --
monitor an existing Kerberos credentials cache
Syntax
ksession
[ -c ] [ -w ] [ -t minutes ]
Description
ksession forks and executes a user's default
shell program (as specified in /etc/passwd) while
monitoring their existing Kerberos credentials cache.
When the user ends their shell session, ksession
automatically cleans up their credentials
(unless -c is specified).
If the -w option is not specified, the user is also
warned if their Kerberos credentials have expired or are about
to expire.
The file .credscript
in the user's home directory,
is executed in the following cases:
-
when credentials are about to expire,
ksession executes
/bin/sh $HOME/.credscript warn
-
after credentials have expired,
ksession executes
/bin/sh $HOME/.credscript expire
-
if the credentials cache is removed or becomes corrupted,
ksession executes
/bin/sh $HOME/.credscript error
NOTE: The .credscript file
executes every 10 minutes
if one of the above conditions is true.
You should take this into account when
programming the .credscript file.
.credscript only executes if it is owned by the user
or by root, and write permission is disabled for group
and other. The -w flag does not affect the execution
of the .credscript file.
ksession understands the following options:
-c-
do not remove the user's Kerberos credentials
when the shell session ends.
-w-
do not print warning messages
when the user's Kerberos credentials expire or are
about to expire.
-t minutes-
begin printing warning messages minutes before
credentials actually expire. Additionally, the .credscript
file executes with the warn argument set.
Limitations
You cannot specify a shell other than the
default shell defined in /etc/passwd.
Files
/etc/expire.creds-
checked for credentials expiration
$HOME/.credscript-
optional Bourne shell script executed upon credentials expiration
See Also
kdestroy(TC),
kinit(TC),
klist(TC),
passwd(F)
Standards conformance
ksession is not part of any currently supported
standard. It is an extension of AT&T UNIX System V
provided by The Santa Cruz Operation, Inc.
© 2005 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 02 June 2005