#!/bin/bash
#
# Copyright (C) 2011 W. Trevor King <wking@drexel.edu>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this program.  If not, see
# <http://www.gnu.org/licenses/>.

# usage: kinit-mpd.sh
#
# Uses root permissions to assume `nobody` credentials from a central
# keytab, and then transfers ownership of the resulting ticket to the
# `mpd` user.

ROOT_UID=$(id --user root)
MPD_UID=$(id --user mpd)
NOBODY_KEYTAB=/etc/krb5.nobody.keytab
NOBODY_USER=nobody

sudo kinit -k -t "${NOBODY_KEYTAB}" "${NOBODY_USER}"
sudo mv "/tmp/krb5cc_${ROOT_UID}" "/tmp/krb5cc_${MPD_UID}"
sudo chown mpd.audio "/tmp/krb5cc_${MPD_UID}"