Created
October 7, 2009 18:13
-
-
Save jrk/204278 to your computer and use it in GitHub Desktop.
Tools for easily and automatically initializing/renewing Kerberos tickets with launchd and from command-line scripts on Snow Leopard.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Initialize or renew Kerberos tickets. Assumes password for the requested principal is stored in the | |
| # keychain, which is now automatically used by Snow Leopard kinit. | |
| # This is useful to define globally in your shell profile, for easy use within other scripts and | |
| # from the command-line. | |
| function ker { | |
| kinit -R 2> /dev/null | |
| if [[ $? = '0' ]]; then | |
| echo "renewed..." | |
| klist | |
| else | |
| kinit $1 | |
| klist | |
| fi | |
| } | |
| # Test whether the machine is online. | |
| function network_is_connected { | |
| oldwired=$wired | |
| oldwireless=$wireless | |
| unset wired | |
| unset wireless | |
| wiredStatus=`ifconfig en0 | grep status | grep -vc inactive` | |
| wirelessStatus=`ifconfig en1 | grep status | grep -vc inactive` | |
| if [[ $wiredStatus != "0" ]]; then | |
| wired=true | |
| fi | |
| if [[ $wirelessStatus != "0" ]]; then | |
| wireless=true | |
| fi | |
| if [[ $wired || $wireless ]]; then | |
| echo "true" | |
| else | |
| echo "false" | |
| fi | |
| wired=$oldwired | |
| wireless=$oldwireless | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| To initialize Keychain entries for your Kerberos principal(s) in 10.6, the simplest method is to run kinit with no attached tty, e.g.: | |
| echo | kinit [principal] | |
| or | |
| kinit [principal] < /dev/null |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | |
| <plist version="1.0"> | |
| <dict> | |
| <key>Disabled</key> | |
| <false/> | |
| <key>Label</key> | |
| <string>edu.mit.jrk.RenewKerberosTickets</string> | |
| <key>ProgramArguments</key> | |
| <array> | |
| <string>/path/to/bin/renewKerberos.sh</string> | |
| </array> | |
| <key>RunAtLoad</key> | |
| <true/> | |
| <key>StartInterval</key> | |
| <integer>3600</integer> | |
| </dict> | |
| </plist> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| source ~/.profile.functions | |
| if [[ `network_is_connected` == "true" ]]; then | |
| ker $MyPrincipal | |
| else | |
| echo "renewKerberos: not renewing because not online" | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment