diff --git a/krb5-1.10-ksu-access.patch b/krb5-1.10-ksu-access.patch
new file mode 100644
index 0000000..ca155f7
--- /dev/null
+++ b/krb5-1.10-ksu-access.patch
@@ -0,0 +1,47 @@
+The idea is to not complain about problems in the default ticket file if we
+couldn't read it, because the client would be able to tell if it's there or
+not, and we're implicitly letting the client tell us where it is.  Still needs
+work, I think.
+
+--- krb5/src/clients/ksu/ccache.c
++++ krb5/src/clients/ksu/ccache.c
+@@ -78,7 +78,7 @@ krb5_error_code krb5_ccache_copy (contex
+     cc_def_name = krb5_cc_get_name(context, cc_def);
+     cc_other_name = krb5_cc_get_name(context, *cc_other);
+ 
+-    if ( ! stat(cc_def_name, &st_temp)){
++    if ( ! access(cc_def_name, R_OK) && ! stat(cc_def_name, &st_temp)){
+         if((retval = krb5_get_nonexp_tkts(context,cc_def,&cc_def_creds_arr))){
+             return retval;
+         }
+--- krb5/src/clients/ksu/heuristic.c
++++ krb5/src/clients/ksu/heuristic.c
+@@ -409,7 +409,7 @@ krb5_error_code find_either_ticket (cont
+ 
+     cc_source_name = krb5_cc_get_name(context, cc);
+ 
+-    if ( ! stat(cc_source_name, &st_temp)){
++    if ( ! access(cc_source_name, F_OK | R_OK) && ! stat(cc_source_name, &st_temp)){
+ 
+         retval = find_ticket(context, cc, client, end_server, &temp_found);
+         if (retval)
+@@ -569,7 +569,7 @@ krb5_error_code get_best_princ_for_targe
+     cc_source_name = krb5_cc_get_name(context, cc_source);
+ 
+ 
+-    if (! stat(cc_source_name, &st_temp)) {
++    if (! access(cc_source_name, F_OK | R_OK) && ! stat(cc_source_name, &st_temp)) {
+         retval = krb5_cc_get_principal(context, cc_source, &cc_def_princ);
+         if (retval)
+             return retval;
+--- krb5/src/clients/ksu/main.c
++++ krb5/src/clients/ksu/main.c
+@@ -270,7 +270,7 @@ main (argc, argv)
+                 if ( strchr(cc_source_tag, ':')){
+                     cc_source_tag_tmp = strchr(cc_source_tag, ':') + 1;
+ 
+-                    if( stat( cc_source_tag_tmp, &st_temp)){
++                    if( access( cc_source_tag_tmp, F_OK | R_OK) || stat( cc_source_tag_tmp, &st_temp)){
+                         com_err(prog_name, errno,
+                                 _("while looking for credentials file %s"),
+                                 cc_source_tag_tmp);
diff --git a/krb5-1.8-ksu-access.patch b/krb5-1.8-ksu-access.patch
deleted file mode 100644
index 75f7755..0000000
--- a/krb5-1.8-ksu-access.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-The idea is to not complain about problems in the default ticket file if we
-couldn't read it, because the client would be able to tell if it's there or
-not.  Still needs work, I think.
-
-diff -up krb5-1.8/src/clients/ksu/ccache.c.ksu-access krb5-1.8/src/clients/ksu/ccache.c
---- krb5-1.8/src/clients/ksu/ccache.c.ksu-access	2009-10-30 20:48:38.000000000 -0400
-+++ krb5-1.8/src/clients/ksu/ccache.c	2010-03-05 10:57:56.000000000 -0500
-@@ -78,7 +78,7 @@ krb5_error_code krb5_ccache_copy (contex
-     cc_def_name = krb5_cc_get_name(context, cc_def);
-     cc_other_name = krb5_cc_get_name(context, *cc_other);
- 
--    if ( ! stat(cc_def_name, &st_temp)){
-+    if ( ! access(cc_def_name, R_OK) && ! stat(cc_def_name, &st_temp)){
-         if((retval = krb5_get_nonexp_tkts(context,cc_def,&cc_def_creds_arr))){
-             return retval;
-         }
-diff -up krb5-1.8/src/clients/ksu/heuristic.c.ksu-access krb5-1.8/src/clients/ksu/heuristic.c
---- krb5-1.8/src/clients/ksu/heuristic.c.ksu-access	2009-10-30 20:48:38.000000000 -0400
-+++ krb5-1.8/src/clients/ksu/heuristic.c	2010-03-05 10:57:56.000000000 -0500
-@@ -409,7 +409,7 @@ krb5_error_code find_either_ticket (cont
- 
-     cc_source_name = krb5_cc_get_name(context, cc);
- 
--    if ( ! stat(cc_source_name, &st_temp)){
-+    if ( ! access(cc_source_name, F_OK | R_OK) && ! stat(cc_source_name, &st_temp)){
- 
-         retval = find_ticket(context, cc, client, end_server, &temp_found);
-         if (retval)
-@@ -569,7 +569,7 @@ krb5_error_code get_best_princ_for_targe
-     cc_source_name = krb5_cc_get_name(context, cc_source);
- 
- 
--    if (! stat(cc_source_name, &st_temp)) {
-+    if (! access(cc_source_name, F_OK | R_OK) && ! stat(cc_source_name, &st_temp)) {
-         retval = krb5_cc_get_principal(context, cc_source, &cc_def_princ);
-         if (retval)
-             return retval;
-diff -up krb5-1.8/src/clients/ksu/main.c.ksu-access krb5-1.8/src/clients/ksu/main.c
---- krb5-1.8/src/clients/ksu/main.c.ksu-access	2010-03-05 10:57:55.000000000 -0500
-+++ krb5-1.8/src/clients/ksu/main.c	2010-03-05 10:57:56.000000000 -0500
-@@ -270,7 +270,7 @@ main (argc, argv)
-                 if ( strchr(cc_source_tag, ':')){
-                     cc_source_tag_tmp = strchr(cc_source_tag, ':') + 1;
- 
--                    if( stat( cc_source_tag_tmp, &st_temp)){
-+                    if( access( cc_source_tag_tmp, F_OK | R_OK) || stat( cc_source_tag_tmp, &st_temp)){
-                         com_err (prog_name, errno,
-                                  "while looking for credentials file %s",
-                                  cc_source_tag_tmp);