Heimdal question

Emiel Kollof coolvibe at hackerheaven.org
Tue Nov 25 08:05:42 PST 2003


* Emiel Kollof (coolvibe at xxxxxxxxxxxxxxxx) wrote:
> * Matthew Dillon (dillon at xxxxxxxxxxxxxxxxxxxx) wrote:
> 
> [snip]
> > :Since eBones is gone, would it be allright to rename the Heimdal utils
> > :(k5admin, k5init et al) back to their 'proper' names? This would bring
> > :Heimdal on DfBSD more in line with FreeBSD CURRENT (they threw out
> > :eBones as well AFAIK), and more consistent with all the Heimdal docs "out
> > :there"(tm).
> 
> [snip]
> >     That would be nice.  I would guess that most of the changes to
> >     the heimdal infrastructure could be brought in from FreeBSD-5 almost
> >     verbatim.
> 
> I could give it a shot, but my experience of CVS doesn't reach much
> further than small scale development. Let alone importing from a foreign
> and alien branch.
> 
> If absolutely nobody feels up to the task, I'll give it a shot. It might
> be quite a learning experience.

David Rhodus and I are now going back an forth on how to do this best. I
already sent him a patch that can be applied to src/kerberos5 which I
didn't generate from cvs (like the one I sent to submit@) which crudely
deletes and creates the new directory names. 

Another question regarding this: Would anyone mind terribly if krb5.conf
and the krb5 keytabs were moved to /etc/kerberosV (like OpenBSD) or to
/etc/heimdal? That way, it's easier to provide an example
(src/share/examples/etc/kerberosV/krb5.conf.example) and to plunk down a
few READMEs that quickly describe how to set up a kerberized site.

As for backwards 'compatibility', I think I can hack in something that
checks the new krb5.conf/krb5.keytab location first and then falls back to the old
location with a warning if so inclined as not to cause too much
breakage.

Cheers,
Emiel
-- 





More information about the Kernel mailing list