kcm man page on NetBSD

Man page or keyword search:  
man Server   9087 pages
apropos Keyword Search (all sections)
Output format
NetBSD logo
[printable version]

KCM(8)			  BSD System Manager's Manual			KCM(8)

     kcm — is a process based credential cache for Kerberos tickets.

     kcm [--cache-name=cachename] [-c file | --config-file=file] [-g group |
	 --group=group] [--max-request=size] [--disallow-getting-krbtgt]
	 [--detach] [-h | --help] [-k principal |
	 --system-principal=principal] [-l time | --lifetime=time] [-m mode |
	 --mode=mode] [-n | --no-name-constraints] [-r time |
	 --renewable-life=time] [-s path | --socket-path=path]
	 [--door-path=path] [-S principal | --server=principal] [-t keytab |
	 --keytab=keytab] [-u user | --user=user] [-v | --version]

     kcm is a process based credential cache.  To use it, set the KRB5CCNAME
     enviroment variable to ‘KCM:uid’ or add the stanza

	     default_cc_name = KCM:%{uid}

     to the /etc/krb5.conf configuration file and make sure kcm is started in
     the system startup files.

     The kcm daemon can hold the credentials for all users in the system.
     Access control is done with Unix-like permissions.	 The daemon checks the
     access on all operations based on the uid and gid of the user.  The tick‐
     ets are renewed as long as is permitted by the KDC's policy.

     The kcm daemon can also keep a SYSTEM credential that server processes
     can use to access services.  One example of usage might be an nss_ldap
     module that quickly needs to get credentials and doesn't want to renew
     the ticket itself.

     Supported options:

	     system cache name

     -c file, --config-file=file
	     location of config file

     -g group, --group=group
	     system cache group

	     max size for a kcm-request

	     disallow extracting any krbtgt from the kcm daemon.

	     detach from console

     -h, --help

     -k principal, --system-principal=principal
	     system principal name

     -l time, --lifetime=time
	     lifetime of system tickets

     -m mode, --mode=mode
	     octal mode of system cache

     -n, --no-name-constraints
	     disable credentials cache name constraints

     -r time, --renewable-life=time
	     renewable lifetime of system tickets

     -s path, --socket-path=path
	     path to kcm domain socket

	     path to kcm door socket

     -S principal, --server=principal
	     server to get system ticket for

     -t keytab, --keytab=keytab
	     system keytab name

     -u user, --user=user
	     system cache owner

     -v, --version

BSD				 May 29, 2005				   BSD
                             _         _         _ 
                            | |       | |       | |     
                            | |       | |       | |     
                         __ | | __ __ | | __ __ | | __  
                         \ \| |/ / \ \| |/ / \ \| |/ /  
                          \ \ / /   \ \ / /   \ \ / /   
                           \   /     \   /     \   /    
                            \_/       \_/       \_/ 
More information is available in HTML format for server NetBSD

List of man pages available for NetBSD

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net