GSSAPI for various murder component setups

Dennis Davis D.H.Davis at
Fri Jun 15 04:58:51 EDT 2012

On Wed, 13 Jun 2012, Dan White wrote:

> From: Dan White <dwhite at>
> To: Stephen Ingram <sbingram at>
> Cc: info-cyrus <info-cyrus at>
> Date: Wed, 13 Jun 2012 21:23:57
> Subject: Re: GSSAPI for various murder component setups


> The other issue is that where your systems are acting as clients
> (such as when a frontend server is connecting to an mupdate
> server), your client will need to initialize a kerberos ticket
> cache, and in my experience cannot use the kerberos credentials
> used to accept connections. Or in other words, your frontends
> might have an imap/ service ticket for accepting
> client imap connections, but then may need a separate ticket, such
> as cyrus/, for backend/mupdate connections. I
> use cronjobs, running as the cyrus user, to initialize those
> crendential caches.

I suspect some of Russ Allberry's software:

might be useful for obtaining and renewing kerberos credentials.
In particular kstart:
Dennis Davis, BUCS, University of Bath, Bath, BA2 7AY, UK
D.H.Davis at               Phone: +44 1225 386101

More information about the Info-cyrus mailing list