Porting Heimdal's libkafs to MIT Kerberos
kenh at cmf.nrl.navy.mil
Fri Jan 9 15:45:30 EST 2004
>Yes, Heimdal's customer base cares a lot more about AFS than our
>perceived customer base does. So we make different decisions about
>what to include.
Well, I can only say that a recent thread on one of the openafs mailing
lists indicated to me that plenty of MIT customers care about AFS
support. And I guess it's a sort of self-fulfilling support policy,
isn't it? I mean, if a particular Kerberos implementation doesn't
support AFS very well, the users may switch to a Kerberos
implementation that does.
>I don't understand why AC_CHECK_LIB(kafs) or whatever is so hard.
Well, it works as well as AC_CHECK_LIB(krb5) does. That is to say, it
seems easy, but it sucks in practice. The real problem is that in my
experience, you have to go through a bunch of autoconf contortions to
check for a library in a non-standard location. This was the whole crap
that krb5-config was designed to address, and I was _so_ glad when
I was able to rip all of that out and simply switch to using krb5-config,
because although I tried my very best, it just never worked very well.
That's one of the problems. The other problem is that it's one extra
piece and that has a whole bunch of secondary effects. It's one more
library I have to distribute to systems locally, it's one more thing that
users of my software have to get and install. If I could just say, "Hey,
you need MIT Kerberos version X or greater", that's a lot easier than
saying, "Hey, you need to get MIT Kerberos, _and_ this other package".
These aren't insurmountable problems, they're just annoying, especially
when the _other_ guys just ship with it.
Again, that's only my perspective as a developer.
More information about the krbdev