Lines Matching defs:keytab
40 "%s/%s.keytab", IPA_TRUST_KEYTAB_DIR, forest);
66 /* Shouldn't happen, but let's try system keytab in this case */
138 char *keytab;
142 keytab = forest_keytab(id_ctx, forest);
144 if (keytab == NULL || principal == NULL) {
154 keytab,
157 talloc_free(keytab);
395 const char *keytab)
411 if (server == NULL || principal == NULL || keytab == NULL) {
417 "Retrieving keytab for %s from %s into %s using ccache %s\n",
418 principal, server, keytab, ccache);
422 ipa_getkeytab_exec(ccache, server, principal, keytab);
551 DEBUG(SSSDBG_CRIT_FAILURE, "Timeout reached for retrieving keytab from IPA server\n");
574 static errno_t ipa_check_keytab(const char *keytab,
580 ret = check_file(keytab, getuid(), getgid(), S_IFREG|0600, 0, NULL, false);
582 DEBUG(SSSDBG_TRACE_FUNC, "Keytab %s is not present\n", keytab);
586 ret = check_file(keytab, kt_owner_uid, kt_owner_gid,
592 DEBUG(SSSDBG_OP_FAILURE, "Failed to check for %s\n", keytab);
594 DEBUG(SSSDBG_TRACE_FUNC, "Keytab %s is not present\n", keytab);
600 DEBUG(SSSDBG_TRACE_ALL, "keytab %s already exists\n", keytab);
614 const char *keytab;
669 /* Use system keytab, nothing to do here */
673 /* Need special keytab */
712 state->keytab = forest_keytab(state, state->forest);
713 if (state->keytab == NULL) {
718 state->new_keytab = talloc_asprintf(state, "%sXXXXXX", state->keytab);
726 DEBUG(SSSDBG_CRIT_FAILURE, "Cannot create temporary keytab name\n");
731 "Will re-fetch keytab for %s\n", state->subdom->name);
767 /* Do not fail here, but try to check and use the previous keytab,
779 ret = rename(state->new_keytab, state->keytab);
787 DEBUG(SSSDBG_TRACE_INTERNAL, "Keytab renamed to %s\n", state->keytab);
790 "Trying to recover and use the previous keytab, if available\n");
791 ret = ipa_check_keytab(state->keytab,
796 "The previous keytab %s contains the expected principal\n",
797 state->keytab);
800 "Cannot use the old keytab: %d\n", ret);