krb5.conf vs krb5.d/*.conf designs...
Charles Hedrick
hedrick at rutgers.edu
Fri Feb 24 10:49:39 EST 2017
Redhat IPA installations already do that. You don’t need any new features. Just start /etc/krb5.conf with
includedir /etc/krb5.conf.d/
On Feb 23, 2017, at 4:37 PM, Keith Jones <K.E.Jones at brighton.ac.uk<mailto:K.E.Jones at brighton.ac.uk>> wrote:
Hiya,
My apologies for the newbie (and deeply naïve!) question but I've just joined the list because I can't find the google words to check if this has been discussed or explained to an idiot like me! :-).
Many distros (and packages) use a gently scaling concept where a system has a root "/etc/xxx,conf" file and then supports a "/etc/xxx.d/ " directory which contains multiple .conf files that are processed in traditional filename order (including paths directly seems to be going out of fashion). As Kerberos is security sensitive, I can imagine it might not be a very cool thing to support the "clobbering of settings" idea on any level, but it is rather flexible idea in real life to have config settings split into separate files and have things broken down into "override" global settings nicely.
Are there any feature request conversations going about supporting a krb5.d/ directory?
Regards,
Keith
___________________________________________________________
This email has been scanned by MessageLabs' Email Security System
on behalf of the University of Brighton. For more information see:
https://staff.brighton.ac.uk/is/computing/Pages/Email/spam.aspx
________________________________________________
Kerberos mailing list Kerberos at mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list