4 # KDC could be on remote hosts, but we suppose lgssd/lsvcgssd only
8 export KDCHOST=${KDCHOST:-"localhost"}
9 export KDCDIR=${KDCDIR:-"/usr/kerberos/sbin"}
10 export KRB5DIR=${KRB5DIR:-"/usr/kerberos"}
11 export LGSSD=${LGSSD:-"/sbin/lgssd"}
12 export SVCGSSD=${SVCGSSD:-"/sbin/lsvcgssd"}
13 export PDSH=${PDSH:-"ssh"}
16 if [ "x$1" != "xkrb5i" -a "x$1" != "xkrb5p" ]; then
24 if [ `using_krb5_sec $SECURITY` == 'n' ] ; then
28 num=`$PDSH $KDCHOST "PATH=\$PATH:$KDCDIR; ps ax | grep krb5kdc | grep -v "grep" | wc -l"`
29 if [ $num -eq 1 ]; then
33 $PDSH $KDCHOST "PATH=\$PATH:$KDCDIR; krb5kdc"
34 num=`$PDSH $KDCHOST "PATH=\$PATH:$KDCDIR; ps ax | grep krb5kdc | grep -v "grep" | wc -l"`
35 if [ $num -ne 1 ]; then
36 echo "fail to start krb5 KDC, check env KDCHOST and KDCDIR"
42 prepare_krb5_cache() {
43 if [ `using_krb5_sec $SECURITY` == 'n' ] ; then
47 $KRB5DIR/bin/klist -5 -s
49 if [ $invalid -eq 0 ]; then
53 echo "***** refresh Kerberos V5 TGT for uid $UID *****"
60 if [ `using_krb5_sec $SECURITY` == 'n' ] ; then
64 killall -q -9 lsvcgssd || true
67 num=`ps -o cmd -C "lsvcgssd" | grep lsvcgssd | wc -l`
68 if [ $num -ne 1 ]; then
69 echo "failed to start lsvcgssd"
76 killall -q -9 lsvcgssd || true
81 if [ `using_krb5_sec $SECURITY` == 'n' ] ; then
85 prepare_krb5_cache || exit 1
87 killall -q -9 lgssd || true
90 num=`ps -o cmd -C "lgssd" | grep lgssd | wc -l`
91 if [ $num -ne 1 ]; then
92 echo "failed to start lgssd $num"
99 killall -q -9 lgssd || true