Red Hat Bugzilla – Bug 1031724
Keyring ccaches should set timeout on the keyring
Last modified: 2014-06-17 21:08:07 EDT
The keyring caches do not have an explicit timeout set.
Keyrings should be made to expire when the credentials they contain expire to avoid keeping kernel memory/tmpfs busy with useless data.
It is important on big systems that have many users and all of them acquire kerberos credentials.
A patch to implement this feature is available upstream in commit: 29e60c5b7ac0980606971afc6fd6028bcf0c7f0f
This request was resolved in Red Hat Enterprise Linux 7.0.
Contact your manager or support representative in case you have further questions about the request.