HPE Community
Operating System - HP-UX
1820216 Members
3674 Online
109620 Solutions
New Discussion юеВ

Re: DCE command kdestroy does not remove old credential files...

 
Rui Vilao
Regular Advisor

тАО04-18-2001 05:06 AM

тАО04-18-2001 05:06 AM

DCE command kdestroy does not remove old credential files...

Greetings,

I am running DCE 1.5 on HP-UX 10.20...

In order to delete abandoned DCE credential files I have the following entry
in crontab:
00 04 * * * /usr/bin/kdestroy -e 1d

However it seems that this command does not work very well...
The directory /opt/dcelocal/var/security/creds has more than 15000 files some
of there 17 days old...

Am I using the command correctly...
Is there some other way to remove abandoned DCE credential files without
shutting down DCE?

Thanks in advance for your help,

Kind Regards,

Rui.
"We should never stop learning"_________ rui.vilao@rocketmail.com
0 Kudos
Reply
5 REPLIES 5
John Bolene
Honored Contributor

тАО04-18-2001 05:12 AM

тАО04-18-2001 05:12 AM

Re: DCE command kdestroy does not remove old credential files...

My DCE is setup to have to revalidate after 26 hours.

I just remove the old files after they have been out there for a week.

Nothing automatic to remove them that I know of.
It is always a good day when you are launching rockets! http://tripolioklahoma.org, Mostly Missiles http://mostlymissiles.com
0 Kudos
Reply
Alex Glennie
Honored Contributor

тАО04-18-2001 06:19 AM

тАО04-18-2001 06:19 AM

Re: DCE command kdestroy does not remove old credential files...

Are you by any chance using DCE intergrated login ? I know of some issues that may go someway to explain this if this is the case ?
0 Kudos
Reply
Rui Vilao
Regular Advisor

тАО04-19-2001 01:46 AM

тАО04-19-2001 01:46 AM

Re: DCE command kdestroy does not remove old credential files...

John, Alex,

First of all thanks a lot for your contribution!

If kdestroy does not remove all the files, do you think thais command will do the job:

find /var/opt/dce/security/creds ! -atime 1 -exec rm {} \;

No, DCE integrated login is not used...
"We should never stop learning"_________ rui.vilao@rocketmail.com
0 Kudos
Reply
Alex Glennie
Honored Contributor

тАО04-19-2001 01:58 AM

тАО04-19-2001 01:58 AM

Re: DCE command kdestroy does not remove old credential files...

OK using sms at all if yes :

use

find /var/opt/dce/security/creds -user smsadm -mtime +1 | xargs rm -f

This shell command can be scheduled by cron at any interval the
system administrator would like. Every 6 hours should be more than
sufficient to prevent a build-up of obsolete credential files.
0 Kudos
Reply
Rui Vilao
Regular Advisor

тАО04-19-2001 03:43 AM

тАО04-19-2001 03:43 AM

Re: DCE command kdestroy does not remove old credential files...

Hi Alex,

Do you mean I have to specify in the find command as user the owner of the credential files (user smsadm does not exist in my system...)...
A lot of different users may exist!

Cheers,

Rui.
"We should never stop learning"_________ rui.vilao@rocketmail.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.