29 lines
617 B
Python
29 lines
617 B
Python
import subprocess
|
|
|
|
import gssapi
|
|
|
|
|
|
def krb_check():
|
|
"""
|
|
Spawns a `kinit` process if no credentials are available or the
|
|
credentials have expired.
|
|
Returns the principal string 'user@REALM'.
|
|
"""
|
|
try:
|
|
creds = gssapi.Credentials(usage='initiate')
|
|
except gssapi.raw.misc.GSSError:
|
|
kinit()
|
|
creds = gssapi.Credentials(usage='initiate')
|
|
|
|
try:
|
|
result = creds.inquire()
|
|
except gssapi.raw.exceptions.ExpiredCredentialsError:
|
|
kinit()
|
|
result = creds.inquire()
|
|
|
|
return str(result.name)
|
|
|
|
|
|
def kinit():
|
|
subprocess.run(['kinit'], check=True)
|