Wrap Heimdal Kinit
Heimdal (see http://www.pdc.kth.se/heimdal/) is a popular Kerberos V implementation. It provides a kinit program that allows a user to obtain a Kerberos V ticket. For some purposes, such as running a demon that needs access to a AFS directory, it is useful to have a script that runs kinit. However, kinit is designed for interactive use: it prompts for a password on a tty.
Here is a scsh script that uses scsh-expect (see http://www.scsh.net/resources/varia.html) to communicate with kinit. The function run-kinit takes a user and a password as arguments and returns whether obtaining the ticket succeeded by returning #t or #f if it fails (for example if the password is wrong).
exec scsh -lel expect/load.scm -o threads -o expect -e main -s "$0" "$@"
(define (run-kinit user password)
(let ((task (spawn ("kinit" ,user) (= 2 1))))
(chat-abort (rx "Password incorrect"))
(lambda (event value)
((eof) (return (zero? (wait (task:process task)))))
((timeout abort) (return #f)))))
(look-for (rx (: ,user "@" (+ (- any #\')) "'s Password:")))
(look-for (rx (: #\space ,(ascii->char 13) ,(ascii->char 10))))
(look-for (rx (- any any))))))))
(define (main args)
(if (not (= 3 (length args)))
(display "Usage: kinit-wrapper.scm <user> <password>\n"
(if (run-kinit (cadr args) (caddr args))
WrapHeimdalKinit - raw wiki source |
code snippets archive