Environment variable for client flags?
Greg Hudson
ghudson at mit.edu
Mon Jul 9 11:11:05 EDT 2018
On 07/07/2018 02:29 PM, John Devitofranceschi wrote:
> Has an environment variable for client flags ever been considered?
>
> The specific use case I’m thinking about is a situation where a user may want to override a system-wide configuration without the overhead of managing their own KRB5_CONFIG file.
I don't think that idea has come up before. The Kerberos development
community has traditionally had some antipathy towards environment
variables, although of course a number of them have been added over time.
You can currently specify multiple config files, like:
KRB5_CONFIG=/path/to/my/config:/etc/krb5.conf
How overrides work in this construction isn't as well-defined as I would
like, but for initial ticket options, relations defined in the first
file should take precedence.
Although using <(printf "[libdefaults]\n forwardable=false\n") in the
above construction might be convenient, it should be avoided for now
because of http://krbdev.mit.edu/rt/Ticket/Display.html?id=8651 .
More information about the Kerberos
mailing list