Cover photo
Anthony Messina
Attended National-Louis University
Lives in Chicago, IL, US
29 followers|47,940 views


Anthony Messina

Shared publicly  - 
Hailey Messina and 4 more were tagged in Anthony Messina's photos.

Anthony Messina

Shared publicly  - 

Anthony Messina

Shared publicly  - 
The last day of my MBA program has arrived! I feel better already!
Marci Messina's profile photo
Congratulations Baby! We've missed you!

Anthony Messina

Shared publicly  - 
Screen display issue after upgrading a Thinkpad X200s to kernel-3.8.3-201.fc18.x86_64. 
Anthony Messina's profile photo
Have him in circles
29 people
Barbara Messina's profile photo
Sam Messina's profile photo
Jennifer Mehl's profile photo
Marci Messina and 2 more were tagged in Anthony Messina's photos.

Anthony Messina

Shared publicly  - 
An excellent read

Anthony Messina

Shared publicly  - 
Enjoying a spur of the moment dinner.
Kaitlyn Messina and Hailey Messina were tagged in Anthony Messina's photos.

Anthony Messina

Shared publicly  - 

Anthony Messina

Discussion  - 
I've been struggling with this one for a while...  If anyone has any pointers, I'd appreciate hearing them.

I have a few services that need to obtain Kerberos user tickets to be able to access NFSv4.1 filesystems in Fedora 18.  Mostly the services are for the "apache" and "mythtv" users.  In addition, I'd like to enable my MythTV frontends to login automatically after they've obtained their user tickets and can access their home directories, and other media directories.

In Fedora 17, the was relatively simple (hah!), as I would create a specific unit file similar to the following for the "apache" user:

.include /usr/lib/systemd/system/httpd.service

ExecStartPre=/usr/bin/kinit -r 604800s -k -t ${KRB5_KTNAME} apache ; /usr/bin/chown -R apache:apache ${KRB5CCSYSNAME} ; /usr/bin/chcon -R -t user_tmp_t ${KRB5CCSYSNAME}

Then in my "apache" user's cron job, I'd simply specify a line with the command "/usr/bin/kinit -R" and everything worked beautifully.

Now that I've upgraded many of my systems to Fedora 18 with the KRB5CCNAME changes, and with +systemd being so damned fast ;) I'm having lots of complications especially with the MythTV frontend autologin users which are are not local to any machine, but held in FreeIPA/SSSD

At first, I tried to use systemd-tmpfiles:
d /run/user/1234567 0700 mythtv-fe1 mythtv-fe1

but realized that systemd doesn't know about the mythtv-fe1 user at that point in the startup since sssd isn't started, so then I tried using the uidnumber instead:
d /run/user/1234567 0700 1234567 1234567

which didn't work :(

So I'm currently trying the following unit file which works sometimes, but other times I get the error systemd[1]: Cannot add dependency job for unit lightdm.service, ignoring: Unit mythtv-kinit.service failed to load: Cannot allocate memory. See system logs and 'systemctl status mythtv-kinit.service, which doesn't tell me anything useful.

Description=Kerberos v5 credentials for mythtv-fe1
Before=display-manager.service sssd.service

ExecStartPre=/usr/bin/mkdir -p -m 0700 /run/user/%U ; /usr/bin/mkdir -p -m 0700 /run/user/%U/krb5cc ; /bin/chown -R %u:%u /run/user/%U ; /usr/bin/chcon -R -t user_tmp_t /run/user/%U
ExecStart=/usr/bin/kinit -V -r 604800s -k -t ${KRB5_KTNAME} %u


I keep thinking that there's got to be a better more native way of doing this, right???  Any help is appreciated in letting me know how to improve integration between +systemd and Kerberos.

Thanks and have a great day.
Anthony Messina's profile photoMantas Mikulėnas's profile photo
Can any +systemd gurus offer some suggestions on this:

Description=k5start Kerberos ticket service for user: %i
Before=display-manager.service httpd.service mythbackend.service sssd.service

ExecStartPre=/usr/bin/mkdir -p -m 0700 /run/user/%U ; /usr/bin/mkdir -p -m 0700 /run/user/%U/krb5cc ; /bin/chown -R %u:%u /run/user/%U ; /usr/bin/chcon -R -t user_tmp_t /run/user/%U
ExecStart=/usr/bin/k5start -b -f /etc/k5start.d/%u.keytab -K 60 -p /run/user/%U/ -L -v -U
ExecReload=/bin/kill -ALRM $MAINPID

Add a comment...
Have him in circles
29 people
Barbara Messina's profile photo
Sam Messina's profile photo
Jennifer Mehl's profile photo
  • National-Louis University
    MBA, 2010 - 2013
  • Bradley University
    BSN, 1995 - 2001
Basic Information
Emergency Department Nurse
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Chicago, IL, US
Anthony Messina's +1's are the things they like, agree with, or want to recommend.
A Nation of Wimps

Parents are going to ludicrous lengths to take the bumps out of life for their children. However, parental hyperconcern has the net effect o

End Piracy, Not Liberty – Google

Millions of Americans oppose SOPA and PIPA because these bills would censor the Internet and slow economic growth in the U.S.. Two bills bef

'Blues Brothers' mall set to star in demolition

Bulldozers soon may finish what Jake and Elwood started more than 30 years ago: the destruction of the Dixie Square Mall.

LiCo - The New Linux Counter Project

The New Linux Counter was created in order to replace and revive the good old, original Linux Counter Project on Alexander M


CSipSimple - High quality OpenSource SIP OpenSource (GPL) project for SIP on Android. * High performances * Rewriting/filtering rules for

SVGGraph - a PHP SVG graph library

SVGGraph 2.10 - a PHP SVG graph library. Skip to: Using SVGGraph · SVG in HTML · General settings · Bar graphs · 3D bar graphs · Horizontal

CTA to auction off unused supplies to raise cash

Once meant for public trains and buses, the untouched heaters, rod ends and spools of copper wire have instead collected dust for years at t

Messinet Secure Services

On Friday, 2012-11-16 at 08:00 CST, Messinet Secure Services will begin the switch from ADSL internet service provided by Cyberonic Internet

Free Accounting Software | GnuCash

A personal and small-business financial-accounting software, licensed under GNU/GPL and available for Linux, Windows, Mac OS X, BSD, and Sol

Digium AEX422e — VoIP Supply

Digium AEX422e. Get your Digium AEX422e from the Digium experts. Learn about, review and purchase the Digium AEX422e here today!


SIP application for Android devices

CardDAV-Sync beta

CardDAV-Sync is a CardDAV client for Android to synchronize contacts. Due to its implementation as sync adapter it integrates seamlessly wit

CalDAV-Sync beta

CalDAV-Sync is a CalDAV client for Android to synchronize events. Due to its implementation as sync adapter it integrates seamlessly with th


Mythtv frontend control interface. Mythmote allows you to control MythTV frontends through a network connection. Features include multiple f

Rahm Emanuel to middle class: Don’t leave for better schools - Chicago S...

Mayor Rahm Emanuel has a message to the middle class: Don’t leave my city in pursuit of a high-quality, high school education for your kids.

Transit Tracks: Chicago - Apps on Android Market

Whether you live in the Windy City or you're just passing by, Transit Tracks: Chicago is an indispensable tool for tracking real-time CTA bu

IaxAgent Beta - Apps on Android Market

IaxAgent allows you to make phone calls using VoIP. Ideally for reducing the cost of your long distance calls when configured with your pref

Google Groups - Wifi vs. Cellular & DNS resolution issues/Flush DNS ...

Cellular & DNS resolution issues/Flush DNS cache on network change, Anthony Messina, 2/3/12 6:49 AM, I am having issues resolving proper