Simple auto kinit for OS X

I wrote a couple small shell scripts to automate kinit when my MacBook Pro is connected to the internal company network. The first, kckinit, uses the OS X keychain to store my Kerberos password. The trick is to run the native kinit using < /dev/null. Apparently this will cause kinit to display a dialogue window which has a "remember in keychain" option. Once I did that I am able to run "kinit myprinc@FOO.COM #!/bin/ksh -p # This looks odd but kinit if it detects that stdin is being used will # pop up a password dialog window which allows the password for that # princ to be saved in the keychain and from then on will use the # keychain to get the password. if [[ $# -ne 1 || "$1" == @('-?'|'--help') ]] then echo "Usage: ${0##\*/} <sun|mit>" exit 1 fi case $1 mit) /usr/bin/kinit will@ATHENA.MIT.EDU < /dev/null;; sun) /usr/bin/kinit will@SUN.COM < /dev/null;; \*) print -u 2 "Usage: ${0##\*/} "; exit 1;; esac The second script calls the first one in a loop that runs in the background. I call the script auto_kinit. Here is the script:
#!/bin/ksh -p

(realm='SUN.COM'
princ="will@$realm"
host='foo.central.sun.com'

while true
do
	if (! /usr/bin/klist 2>/dev/null|\\
              /usr/bin/fgrep "Default principal: $princ" >/dev/null 2>&1) &&\\
	   (ping -c2 -oq $host >/dev/null 2>&1)
	then
		~/bin/kckinit sun
	fi
	sleep 45
done)&
It will detect when it is on the corporate network and do a kckinit while running as a background job. I've added auto_kinit as a login startup item.
Comments:

Post a Comment:
Comments are closed for this entry.
About

user12615206

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today