kinit seems to behave differently when it is invoked under the launchd
mechanism, than when it is invoked from a command line. I believe all
the relevant environment variables are set identically, but the outcome
is different.

*Background:*

I have a Mac OS 10.5 ("Leopard") client machine. It is in contact with
a linux Kerberos server. I have a ticket that I want to keep alive, so
that an application can use it to authenticate to another server. The
normal Unix way to do this would be to set up a cron job to renew the
ticket every couple of hours. I am trying to do it the Leopard way, by
adding an xml plist file to /Library/LaunchDaemons that invokes kinit

*Problem:*

When I run the kinit command from the command line, it works fine (in my
example below I've changed the name to host.domain.com

/sudo -u openldap env
KRB5CCNAME="FILE:/var/db/openldap/syncrepl.tkt" kinit -k -t
/var/db/openldap/syncrepl.keytab syncrepl/host.domain.com/


On the other hand, when I use the launchd mechanism to run it, I get an
error in the log:

/Jan 8 01:29:38 syncrepl-kinit13049
: kinit: Error getting initial
tickets: Internal credentials cache error/

Normally that error message refers to an inability to read or write the
key cache, I believe

If you're still reading, here's the plist file (again, I've changed the
names)
**

"http://www.apple.com/DTDs/PropertyList-1.0.dtd">


Label
syncrepl-kinit
Disabled

Program
/usr/bin/kinit
ProgramArguments

/usr/bin/kinit
-k
-t
/var/db/openldap/syncrepl.keytab
syncrepl/host.domain.com

EnvironmentVariables

KRB5CCNAME
FILE:/var/db/openldap/syncrepl.tkt

UserName
openldap
RunAtLoad

StartCalendarInterval
21600
LowPriorityIO