[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference tuxedo::dce-products

Title:	DCE Product Information
Notice:	Kit Info - See 2.-4.
Moderator:	TUXEDO::MAZZAFERRO

Created:	Fri Jun 26 1992
Last Modified:	Fri Jun 06 1997
Last Successful Update:	Fri Jun 06 1997
Number of topics:	2269
Total number of notes:	10003

2191.0. "Credentials cleanup" by OHFSS1::KANNAPAREDDY () Fri Mar 14 1997 13:50

    
    	Greetings,
    	I am looking for such an utility for our DCE-client with
    	SIA enabled. The problems seems to be there are zillions
    	of creds files in the "/opt/dcelocal/var/security/creds"
    	directory AND some of the files are huge due to the 
    	following reasons:
    
    	1) our cell-wide registry policy for tixket expiration is
    	   a one week. I cannot change that since that is what the
    	   customer wants to go through.
    	2) Currently none of the users do a "kdestroy" when they 
    	   logout, and it is NOT an option for me to put it in the
    	   system-wide /etc/profile or /etc/csh.login, for it will
    	   break some other software (we found out the hard way).
    	3) The problems becomes worse since our turbolaser does not
    	   seem to go down at all :) so I cannot do the "dcesetup clean"
    	  and "start".
    
    So,I am willing to write the util, if someone can tell me how
    	   to pass a "cred" file and get a "login context" handle back
    	   from the "sec_login" API's. I tried to use the "sec_login_
    	   import_context" call, but I think it is not the correct way
    	or is it? (I mean it works, but it behaves oddly).
    
    	Or, if one exists can anyone point me to location?
    
    	Also, with SIA enabled when a user logs into the system, 4
    	"files" are created for him not "3" as one would expect, what is
    	 the call that creates the 4th file? For e.g
    	dcecred_41ffffffe
    	dcecred_41ffffffe.data
    	dcecred_41ffffffe.nc
    	All the above files I would expect but there is one more that is
    	created:
    	dcecred_13829898
    	Now, the above file and "dcecred_41ffffffe" have a link count
    	of 2, which is odd? 
    	All in all it makes the problem worse!

T.R Title User Personal
Name Date Lines

2191.1 TUXEDO::LIM Fri Mar 21 1997 06:37 9

T.R	Title	User	Personal Name	Date	Lines
2191.1		TUXEDO::LIM		`Fri Mar 21 1997 06:37`	9
	YOu should be able to use sec_login_import_context() to get the login context. You then make a call to sec_login_get_expiration() to get the expiration date of the login context and decide if you want to delete the files. Make sure release the login context( sec_login_release_context() ) after this to free up memory. Kyungae

    YOu should be able to use sec_login_import_context() to get the
    login context. You then make a call to sec_login_get_expiration()
    to get the expiration date of the login context and decide if you
    want to delete the files.
    Make sure release the login context( sec_login_release_context() )
    after this to free up memory.
    
    
    Kyungae