| 1 | #!/bin/bash |
| 2 | # Get an AFS token for the given user. |
| 3 | # |
| 4 | # This is used to deliver mail with the appropriate credentials. |
| 5 | |
| 6 | # fuse stdin and stderr |
| 7 | exec 2>&1 |
| 8 | USER=$1 |
| 9 | |
| 10 | # all future output goes to this file |
| 11 | exec >&/tmp/get-token-log.$USER |
| 12 | |
| 13 | # check that setuid happened |
| 14 | whoami |
| 15 | |
| 16 | # set the credentials cache |
| 17 | export KRB5CCNAME=FILE:/tmp/krb5cc_$USER.email |
| 18 | |
| 19 | # eliminate any previous tokens |
| 20 | kdestroy |
| 21 | unlog |
| 22 | KEYTAB=/etc/keytabs/user.daemon/$USER |
| 23 | |
| 24 | # display command-to-be-invoked as a sanity check |
| 25 | echo kinit -kt $KEYTAB $USER/daemon@HCOOP.NET |
| 26 | |
| 27 | kinit -kt $KEYTAB $USER/daemon@HCOOP.NET |
| 28 | aklog |
| 29 | |