problem using disable_last_success
Greg Hudson
ghudson at MIT.EDU
Tue Aug 2 15:59:20 EDT 2011
On Tue, 2011-08-02 at 12:54 -0400, Dave Steiner wrote:
> So I put the following in my krb5.conf, per the instructions in the
> Administrator's Guide:
>
> [dbmodules]
> disable_last_success = true
That's not what the administrator's guide was trying to say. You should
have a subsection in dbmodules corresponding to the database_module
directive in your realm definition. For example:
[realms]
KRBTEST.COM = {
...
database_module = db2-krbtest
...
}
[dbmodules]
db2-krbtest = {
disable_last_success = true
database_name = /path/to/...
...
}
> Didn't really notice any improvement but ok.... then someone noticed
> that we were still logging! I dug around the code and found the
> krb5.conf manpage that says this belongs in the dbdefaults section....
That's a bug. I'll change either the code or the documentation after
looking at the situation a little more.
More information about the Kerberos
mailing list