hub: Automatically fetch a TGT when a keytab has been given

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/pakfire/hub.py b/src/pakfire/hub.py
index 4dba78671263482ba5aa3a28256f04f38e341af4..15ee9a37728ebb647924f0947264726f2d4c69a6 100644 (file)
--- a/src/pakfire/hub.py
+++ b/src/pakfire/hub.py
@@ -70,6 +70,25 @@ class Hub(object):
 
                # XXX support proxies
 
+               # Fetch a TGT with the given keytab
+               if self.keytab:
+                       self._setup_credentials_cache()
+
+                       self._fetch_kerberos_ticket()
+
+       def _setup_credentials_cache(self):
+               """
+                       Create a temporary file to be used as Kerberos credentials cache
+               """
+               self.credentials_cache = tempfile.NamedTemporaryFile()
+
+               os.environ["KRB5CCNAME"] = self.credentials_cache.name
+
+       def _fetch_kerberos_ticket(self):
+               command = ["kinit", "-k", "-t", self.keytab]
+
+               p = subprocess.run(command, check=True, capture_output=True, text=True)
+
        async def _socket(self, path, **kwargs):
                return await self._request("GET", path,