Feature request for kprop
Michael Raitza
spacefrogg-devel at meterriblecrew.net
Wed Aug 7 11:11:24 EDT 2013
Hello,
when using the kprop client to sync kerberos databases the hostname used
for the acquiring the service's principal is left unspecified. Depending
on the server configuration the wrong hostname is resolved for the
service and authentication fails accordingly. E.g. having a host with
name `a' (according to its local knowledge, DNS A record) and a DNS
service record pointing to `krb-a' (another A record) which itself
points to the host's IP address. The correct resolution would be `krb-a'
for the kprop service but `a' is actually resolved.
My suggested fix is to have a command-line option to select the hostname
to be used by kprop.
I have a patch at hand and my only question is how to proceed from here?
Can I send it to this list?
Regards,
Michael
More information about the Kerberos
mailing list