We don't want to trust $KRB5CCNAME since we could be operating under the wrong credentials. Always create new credcaches in the default location instead. Signed-off-by: Jeff Layton <jlayton@xxxxxxxxx> --- cifs.upcall.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/cifs.upcall.c b/cifs.upcall.c index f766a8b5799e..dbdfe7aff681 100644 --- a/cifs.upcall.c +++ b/cifs.upcall.c @@ -365,6 +365,12 @@ init_cc_from_keytab(const char *keytab_name, const char *user) memset((char *) &my_creds, 0, sizeof(my_creds)); + /* + * Unset the environment variable, if any. If we're creating our own + * credcache here, stick it in the default location. + */ + unsetenv(ENV_NAME); + if (keytab_name) ret = krb5_kt_resolve(context, keytab_name, &keytab); else -- 2.9.3 -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html