Menu
I would like to be able to check (in my bash script) whether I have a valid unexpired ticket for a specific service. I can get this information by hand if I do klist, but it would be a bit of work to programmatically parse the expiration time, service principals, etc. Is there an easier way to do this? Thanks.
260
Try klist -s, which should return a status code of 0 if you have a valid ticker, or 1 if not. You can then test that by looking at $?. For example:
if ! klist -s
then
echo "kerberos ticket not valid; please run kinit"
exit 1
fi
answered Sep 22 '22 12:09
klist1 does not support the requested functionality. But it's not hard to write in bash, as @CharlesDuffy suggested:
if ! klist 2> /dev/null | grep -q 'Principal: <your account>@<your domain>'
then
echo "Error: a Kerberos ticket for <your account>@<your domain> is needed."
exit 1
fi
The 2> /dev/null discards klist's error output when no tickets are cached.
20
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
