krb5.conf vs krb5.d/*.conf designs...

Charles Hedrick hedrick at rutgers.edu
Fri Feb 24 10:49:39 EST 2017


Redhat IPA installations already do that. You don’t need any new features. Just start /etc/krb5.conf with

includedir /etc/krb5.conf.d/


On Feb 23, 2017, at 4:37 PM, Keith Jones <K.E.Jones at brighton.ac.uk<mailto:K.E.Jones at brighton.ac.uk>> wrote:



Hiya,

My apologies for the newbie (and deeply naïve!) question but I've just joined the list because I can't find the google words to check if this has been discussed or explained to an idiot like me! :-).

Many distros (and packages) use a gently scaling concept where a system has a root "/etc/xxx,conf" file and then supports a "/etc/xxx.d/ " directory which contains multiple .conf files that are processed in traditional filename order (including paths directly seems to be going out of fashion). As Kerberos is security sensitive, I can imagine it might not be a very cool thing to support the "clobbering of settings" idea on any level, but it is rather flexible idea in real life to have config settings split into separate files and have things broken down into "override" global settings nicely.

 Are there any feature request conversations going about supporting a krb5.d/ directory?

Regards,

Keith

___________________________________________________________
This email has been scanned by MessageLabs' Email Security System
on behalf of the University of Brighton. For more information see:
https://staff.brighton.ac.uk/is/computing/Pages/Email/spam.aspx

________________________________________________
Kerberos mailing list           Kerberos at mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos



More information about the Kerberos mailing list