REMCTL_SET_CCACHE(3) remctl Library Reference REMCTL_SET_CCACHE(3)
NAME
remctl_set_ccache - Set credential cache for remctl client connections
SYNOPSIS
#include <remctl.h>
int remctl_set_ccache(struct remctl *r, const char *ccache);
DESCRIPTION
remctl_set_ccache() tells the underlying GSS-API library used by the remctl client library to use ccache as the credential cache for
authentication to a remctl server. It will affect any subsequent remctl_open() calls on the same struct remctl object (and may have
broader effects; see below). ccache is normally a path to a file in the file system that holds Kerberos credentials, but may take other
values depending on the underlying Kerberos implementation used by GSS-API.
Calling this function will normally override any KRB5CCNAME environment setting. If the caller wishes to honor that setting, it should
either not call this function or check whether that environment variable is set first.
RETURN VALUE
remctl_set_ccache() returns true on success and false on failure. On failure, the caller should call remctl_error() to retrieve the error
message.
This function will always return failure if the underlying GSS-API implementation against which the remctl client library was compiled does
not support setting the Kerberos credential cache. The caller should be prepared for that. Falling back on setting the KRB5CCNAME
environment variable is often a reasonable choice.
EXAMPLES
Here's an example of attempting to use this function to set a ticket cache location and falling back on setting KRB5CCNAME in the
environment if this function is not supported.
struct remctl r;
r = remctl_new();
if (r != NULL)
if (!remctl_set_ccache(r, "/tmp/krb5cc_example"))
putenv("KRB5CCNAME=/tmp/krb5cc_example");
This assumes that any failure is due to lack of support from the underlying library rather than some other cause.
WARNINGS
Calling this function normally sets the credential cache used by the underlying GSS-API library for every GSS-API operation in the current
execution context (process or thread), not just for this remctl object or even just for remctl operations. This function therefore changes
global execution state and may affect other GSS-API operations done elsewhere in the same process. This is an inherent limitation in the
current GSS-API.
SEE ALSO
remctl_new(3), remctl_open(3), remctl_error(3)
The current version of the remctl library and complete details of the remctl protocol are available from its web page at
<http://www.eyrie.org/~eagle/software/remctl/>.
AUTHOR
Russ Allbery <rra@stanford.edu>
COPYRIGHT AND LICENSE
Copyright 2011 The Board of Trustees of the Leland Stanford Junior University
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright
notice and this notice are preserved. This file is offered as-is, without any warranty.
3.2 2012-06-19 REMCTL_SET_CCACHE(3)