# $LastChangedBy$
#
-while getopts ":i:" opt; do
+function usage {
+ cat >&2 <<EOH
+Usage: $0 -i service_part -r REALM -u user [command]"
+EOH
+ exit 1
+}
+
+while getopts "i:r:u:h:" opt; do
case $opt in
i)
userpart=$OPTARG
;;
+ r)
+ realm=$OPTARG
+ ;;
+ u)
+ localuser=$OPTARG
+ ;;
+ h)
+ usage
+ ;;
\?)
- echo "Error: unsupported option -$OPTARG" >&2
- exit 1
+ usage
+# echo "Error: unsupported option -$OPTARG" >&2
;;
esac
done
shift $(($OPTIND - 1))
-if [ -z "$userpart" ]; then
- echo "Error: no service part defined (use -i <service>)" >&2
- exit 2
+if [ -n "$userpart" ]; then
+ userpart="$userpart"
+ userpart_slash="/$userpart"
fi
if [ $# -eq 0 ]; then
exit 3
fi
-ccache=/tmp/krb5cc_${UID}_${userpart}
+# Realm:
+REALMARG=""
+if [ -n "$realm" ]; then
+ REALMARG="@$realm"
+fi
-if klist -s -c $ccache; then
- export KRB5CCNAME=$ccache
-else
- export KRB5CCNAME=$ccache
- kinit -p $USER/$userpart
+# Fix user:
+KRBUSER=$USER
+if [ -n "$localuser" ]; then
+ KRBUSER=$localuser
fi
+PRINC=$KRBUSER$userpart_slash$REALMARG
+
+export KRB5CCNAME=/tmp/krb5cc_${UID}_${KRBUSER}_${userpart}
+
+k5start -H 30 -u "$PRINC"
+
+#if klist -s -c $ccache; then
+# export KRB5CCNAME=$ccache
+#else
+# export KRB5CCNAME=$ccache
+# kinit -p $KRBUSER$userpart_slash$REALMARG
+#fi
+
exec "$@"
+mh-sysadmin-tools (1.2) unstable; urgency=low
+
+ * with-creds now supports specification of user and realm
+
+ -- Michael Howe <michael@michaelhowe.org> Sun, 04 Mar 2012 17:52:56 +0000
+
mh-sysadmin-tools (1.1) unstable; urgency=low
* Don't forward X11 when using SSH
projects / packages / m / mh-sysadmin-tools.git / commitdiff