PSARC 2009/271 Credential Process Groups (CPGS)
Will Fiveash
William.Fiveash at sun.com
Tue May 5 16:23:29 PDT 2009
In
http://sac.sfbay.sun.com/Archives/CaseLog/arc/PSARC/2009/271/inception.materials/Overview-terse.txt
there is:
Architecture:
CPG membership is driven primarily by PAM modules and applications:
...
- svc:/system/cpg/krb5:default registers the "krb5" CPG type and runs a
daemon to kdestroy Kerberos V credentials when the last reference to
a CPG vanishes.
How does this interact with svc:/network/security/ktkt_warn? Seems to
me that there should be one service tending to the needs of the krb5
related ccache. Perhaps the function of ktkt_warn can be folded into
svc:/system/cpg/krb5?
--
Will Fiveash
Sun Microsystems Office x64079/512-401-1079
Austin, TX, 78727 (TZ=CST6CDT), USA
Internal Solaris Kerberos/GSS/SASL website: http://kerberos.sfbay.sun.com
http://opensolaris.org/os/project/kerberos/
More information about the opensolaris-arc
mailing list