merged linux keyring code
jhutz at cmu.edu
Tue Oct 3 14:47:41 EDT 2006
On Tuesday, October 03, 2006 09:39:13 AM -0400 Jeffrey Altman
<jaltman at MIT.EDU> wrote:
> Kevin Coffman wrote:
>> There are two parts. First, the kernel support is optional, so the
>> basic kernel keyring support may or may not be present. (It is only
>> available in 2.6.11-ish and later.) Then there is the user-land
>> library. I'm not sure if Debian or SuSe are enabling keyring support
>> in their kernel, or if they include the library by default. The
>> keyring support came from a Redhat person, so their newer releases
>> definitely have it.
> If the OpenAFS experience is anything to go by, do not support keyrings
> on kernels earlier than 2.6.18.
OpenAFS's experience is about kernel-level interfaces; I don't recall
anything that would make supporting keyring ccaches on older kernels a bad
I would suggest that a runtime test to determine whether the library is
available is unnecessary. It's sufficient to determine at build time
whether the library is available (and presumably have a --with switch), and
if the feature is enabled, require the library.
More information about the krbdev