From d148b07acb5fb8998ec1e76da8a2f01ee0e74328 Mon Sep 17 00:00:00 2001 From: Iain Patterson Date: Thu, 18 Nov 2010 17:39:50 +0000 Subject: [PATCH] Handle credential expiration. Request tmux to launch kinit in a new window if credentials expire. --- opt/bin/ktmux_helper | 31 ++++++++++++++++++++++++++++++- 1 file changed, 30 insertions(+), 1 deletion(-) diff --git a/opt/bin/ktmux_helper b/opt/bin/ktmux_helper index e62b4a5..1ed6e46 100755 --- a/opt/bin/ktmux_helper +++ b/opt/bin/ktmux_helper @@ -19,13 +19,17 @@ unless ($tmux_pid) { # Ensure there isn't already a helper running for this tmux. my $tmux_helper = &get_tmux_helper; exit 0 if $tmux_helper; +$tmux_helper = $$; my $exitasap = 0; my $pid = 0; +our $have_valid_credentials = undef; $SIG{INT} = \&cleanup; $SIG{QUIT} = \&cleanup; $SIG{TERM} = \&cleanup; +$SIG{USR1} = \&want_credentials; +$SIG{USR2} = \&got_credentials; LOOP: while (&ping_tmux) { $pid = fork; @@ -39,11 +43,12 @@ LOOP: while (&ping_tmux) { } # tmux is dead so kill krenew. - kill 3, $pid; + kill QUIT, $pid; waitpid $pid, 0; exit 0; } else { + kill USR2, $tmux_helper unless &check_credentials; exec "krenew", "-K", "60"; print "$PROG: Can't run krenew: $!\n"; exit 111; @@ -76,6 +81,30 @@ sub ping_tmux { return kill 0, $tmux_pid; } +# Try to check existing Kerberos credentials. +sub check_credentials { + system "klist", "-s"; + return 1 if $? < 0; + return 0 unless $?; + kill USR1, $tmux_helper; + return 111; +} + +# We were signalled by our child which noticed that our credentials expired. +sub want_credentials { + # Do we already know? + return if defined $have_valid_credentials && $have_valid_credentials == 0; + $SIG{USR1} = IGNORE; + $have_valid_credentials = 0; + system "tmux", "new-window", "exec kinit"; +} + +# We were signalled by our child which noticed that our credentials are valid. +sub got_credentials { + $have_valid_credentials = 1; + $SIG{USR1} = \&want_credentials; +} + sub cleanup { unless ($exitasap) { $exitasap = 1; -- 2.20.1