Charles Hedrick via FreeIPA-users <freeipa-users@lists.fedorahosted.org>
writes:
> RHEL 9.0. /run/ipa/ccaches is filling with credential caches. Many are too old to be valid.
>
> I assume it's safe to have a cron job delete any more than a day old?
> (that's our maxmum lifetime.) I can't see the lifetime directly,
> because they are encrypted.
On my system I have a (disabled( systemd-timer named
ipa-ccache-sweep.timer. My guess would be that it get's enabled on new
installs, but somehow missed on updates. See the release notes of 4.9.9:
https://www.freeipa.org/page/Releases/4.9.9
Jochen
--
This space is intentionally left blank.